‘Downandup’ worm hits 3.5 million Windows PCs in 4 days
The Internet has been hit by a rapidly spreading network worm, due to which 3.5 million Windows computers have been infected in the last four days. The worm is being hailed as Downandup, Conficker, or Kido!
It is a vulnerability affecting Microsoft's server service - patched in October 2008 by the company's Security Bulletin, MS08-067 - through which the worm spreads like the plague. Once the worm reaches a machine, it activates an HTTP server to reset the System Restore point of the machine, thereby stopping administrators from deleting it.
Speaking in stricter terms, rather than being one worm, Downandup is a horde of alternates. The usual Trojan package of the worm allows the downloading of new files from the controller's own server. However, the malware generates numerous apparently capricious domain names to scan for updates, and causes difficulty in tracking the controller. By disabling different features like Windows security, networking and updating, the worm shields itself. It modifies networking settings for speeding up its knack of copying itself to other PCs, along with obstructing access to security-related domains.
In a blog post, Christopher Budd, a security program manager at Microsoft Security Response Center, said: "The vulnerability is potentially wormable on older versions of Windows, XP and earlier; we're encouraging customers to test and deploy the update as soon as possible."
The U.S. Department of Justice (DoJ) has indicted...Read More
The discovery of seven Earth-sized planets orbiting...Read More
The birth of early supermassive black holes has...Read More
U.S. Environmental Protection Agency (EPA)...Read More
Google Inc. parent firm Alphabet-owned Waymo has...Read More
The health of Australia’s Great Barrier Reef is in...Read More