Bloomberg Anywhere Remote Login Bloomberg Terminal Demo Request


Connecting decision makers to a dynamic network of information, people and ideas, Bloomberg quickly and accurately delivers business and financial information, news and insight around the world.


Financial Products

Enterprise Products


Customer Support

  • Americas

    +1 212 318 2000

  • Europe, Middle East, & Africa

    +44 20 7330 7500

  • Asia Pacific

    +65 6212 1000


Industry Products

Media Services

Follow Us

Bloomberg Customers

Businessweek Archives

A Conficker Worm Primer

What is it? The Conficker worm (aka Downadup) is a Windows worm that can infect your computer, automatically spreading to other computers across a network. To date, the worm has spread to as many as 10 million machines around the world. The worm has an automated update capability and, once it’s installed on a system, it disables anti-virus and Windows updates and attempts to spread to other PCs.

How does it work? The worm spreads in three major ways. The first is through a specific Microsoft vulnerability (dubbed MS08-067). It scans for specific hosts—located on TCP port 445—and attacks them once it finds such a host. It can also spread over USB devices using the AutoRun feature, opening file shares by guessing account names and passwords.

Should you be worried? If your computer is up-to-date with the latest security updates and antivirus software, you likely don’t have the Conficker worm. In February, Microsoft () announced a collaborative effort—called the Conficker Working Group—between Microsoft, global technology industry leaders, and academics, to implement a coordinated, global response to the threat posed by Conficker.

How can you prevent it? Installing the patch (MS08-067) and keeping your anti-virus software updated is the best prevention. Also, look at rolling out Microsoft’s new tool to disable the AutoRun feature. If you have an infestation, you may have to resort to rolling out a Conficker removal tool, available for free from Microsoft and all major anti-virus companies, to the hosts using a custom update mechanism. Once you do that, you can update AV and Windows. It’s also a good idea to screen USB devices for signs of carrying the infection.

Jose Nazario

Manager of Security Research

Arbor Networks

Chelmsford, Mass.

blog comments powered by Disqus