Win32/Conficker exploits Windows vulnerability

worm

Win32/Conficker is a new worm out there ,which seems to be a headache for Windows users these days.It seems to exploit a vulnerability in the system which has been addressed in  MS08-067, a Microsoft security update.

”   It opens a random port between port 1024 and 10000 and acts like a Web server. It propagates to random computers on the network by exploiting MS08-067. Once the remote computer is exploited, that computer will download a copy of the worm via HTTP using the random port opened by the worm. The worm often uses a .JPG extension when copied over and then it is saved to the local system folder as a random named dll,….It is also interesting to note that the worm patches the vulnerable API in memory so the machine will not be vulnerable anymore. It is not that the malware authors care so much about the computer as they want to make sure that other malware will not take it over too, ….  ” : Microsoft

Additional readings :

Avira security

Worm/Conficker

Ad :

This post has been viewed over 1000 times around the globe. To place your text ads / simple banners here ,mail me at : micman.manoj at gmail.com

top posts