Archive

Archive for November, 2008

TruPrevent stops Conficker.A worm proactively

November 28th, 2008 3 comments

As I'm sure you've heard already, there's a new worm called Conficker.A out there exploiting the latest critical Windows MS08-067 vulnerability which allows remote code execution via specially crafted RPC calls. SANS has been tracking this and has seen an important increase in port 445 scans as is shown on their website:

As we've been seeing quite a bit of this worm's activity specially in corporate networks, Isma has created a new TruPrevent Security Policy which can effectively stop this worm on its tracks generically (without antivirus signatures):

 

 

Panda users don't have to worry about this worm. Simply make sure your protection is configured to update itself automatically (which it is by default) and don't forget to patch your Windows installations.

Categories: behavior analysis, Malware, Vulns Tags: