The latest Microsoft Security Intelligence Report (SIR) has complied new data taken from over 600 million systems worldwide, and has found that iterations of the Conficker worm have appeared on roughly 220 million computers over the past 2.5 years. This makes Conficker one of the most substantial ongoing, broad-based threats to enterprises.
According to Wikipedia –
Conficker, also known as Downup, Downadup and Kido, is a computer worm that surfaced in October 2008 and targets the Microsoft Windows operating system. The worm exploits a previously patched vulnerability in the Windows Server service used by Windows 2000, Windows XP, Windows Vista, Windows Server 2003, Windows Server 2008, Windows 7 Beta, and Windows Server 2008 R2 Beta. The worm has been unusually difficult for network operators and law enforcement to counter because of its combined use of advanced malware techniques.
Conficker was set to launch on April Fool’s Day in 2009, but nothing really happened – though not to say the malicious code didn’t get around, and still broadly exists. Data from Microsoft’s SIRv12 shows detections of Conficker have gone up 225% since early 2009, and was traced to 1.7 million systems in Q4 2011. Research also shows that 92% of Conficker infections are instances of compromised passwords, and the other 8% are due to systems lacking the latest security updates. Commenting on a a lack of Windows security, Tim Rains, Director of Microsoft Trustworthy Computing, states, “Conficker is one of the biggest security problems we face, yet it is well within our power to defend against – It is critically important that organizations focus on the security fundamentals to help protect against the most common threats.”
Microsoft recommends users take the following measures to promote better system security:
Use strong passwords and educate employees on their importance
Keep systems up to date by regularly applying available updates for all products
Use antivirus software from a trusted source
Invest in newer products with a higher quality of software protection
Consider the cloud as a business resource
Again, the two primary measures to be taken are to use and protect solid passwords and to frequently access Windows Update. Also, Microsoft plans to launch an updated version of its SkyDrive cloud system in tandem with the introduction of Windows 8, which is rumored to be sometime in October. It’s noted that the cloud can also improve security for businesses.