Friday, 20 December 2013

Conficker Information for the Home Computer User


This message about Conficker is not for people in the security industry. It is directed to the home computer user.

Is the Internet coming to an end on April 1? Will your computer crash and burn if you are online on that day?

The answer to both questions is NO.

Has there been a lot of hype about Conficker and April 1? Yes, there has, and it will likely continue. Earlier this week I added to the Conficker hype in "Time is of the essence." Why am I concerned about the health of your computer? Consider the known capabilities of the current Conficker variants, as described at Security Focus:
". . . the worm program blocks security software, distributes code by creating a peer-to-peer network, and attempts to prevent anyone but the authors from updating its code by authenticating updates using a hash algorithm — known as MD6 — that is only a few months old. The collection of those capabilities worried the researchers."
With that in mind, there is reason to worry if you or your friends have file sharing turned on, use P2P (Peer to Peer) programs, or share information via USB (thumb) drives.

Let's start with file sharing

If you have file-sharing turned on and become infected, the Conficker worm could allow remote code execution. In other words, the worm would take control of your computer. Microsoft KB Article 307874 includes instructions for turning off file sharing. Also available is a Microsoft Fix it to make the change for you.

Disable Autorun

USB/thumb drives use autorun to load files when the drives are plugged into the USB port. To prevent malware from spreading to your computer, disable autorun. The How-to Geek has simple instructions for disabling autorun on both Windows XP and Windows Vista:
This from Microsoft: How to disable the Autorun functionality in Windows

Another reason to be concerned is the state of security protection.

Check Security Updates

Although it is recommended that all security updates be installed on your computer, at a minimum, ensure that "Security Update for Microsoft Windows (KB95688)" is installed:
  • Windows XP: Start > Windows Update > Other options > View installation history
  • Windows Vista: Programs > Programs and Features > Installed Updates
In the event you cannot find that update installed on the computer, go to Security Bulletin MS08-067 and click the link for your operating system to be redirected to the download location.

Firewall

Surprisingly, there are still too many people on the internet without a software firewall. If this is true for your computer, at a minimum, activate the Windows Firewall. For help with this, go to How can I turn on or turn off the firewall in Windows XP Service Pack 2 or later versions?

Antivirus Software

Both Avast! and Avira AntiVir are free for personal use. If you do not have antivirus software, install one now.

Pay It Forward

Conficker has affected the operation of hospitals, military, large corporate systems, and even the House of Commons. (There is a long list of articles below from The Register if you are interested in the extent of the impact of the various variants of this worm.) New readers of Security Garden may not be familiar with "Pay It Forward":
"3 people helped each day, ‘paid forward’ by each person helps 4.7M people in two weeks."
If each Security Garden reader checks with one or two of their friends, and they in turn check with their friends, to make sure the computer(s) in their home have file sharing disabled, are updated, and have a firewall and up-to-date antivirus software, worms like Conficker will have less of a chance of spreading.

Whether it is the best or worst case scenario as depicted at Security Focus, don't let your friends be part of this:
"In the best case, Conficker may be used as a sustained and profitable platform for massive Internet fraud and theft," wrote Phillip Porras, Hassen Saidi and Vinod Yegneswaran, all of SRI International. "In the worst case, Conficker could be turned into a powerful offensive weapon for performing concerted information warfare attacks that could disrupt, not just countries, but the Internet itself."
Help from Microsoft:
