Conficker/Downadup Worm
Conficker/Dounadup worm takes advantage of a Microsoft Windows vulnerability called MS08-097. Machines that receive automatic updates should already be protected from remote attack against this worm. However, this worm is very dangerous because it can spread from an infected machine to other machines through network shares and portable devices such as memory sticks and portable hard drives.
To protect against this worm:
- Please ensure that your Windows machine's patch level is up-to-date.
- Please ensure that your anti-virus software has the latest virus definitions.
- Disable network shares, if possible.
- Disable autorun to prevent attack via removable media. (See US-CERT Technical Security Alert TA09-02A)
- Use caution with USB Drives. (See Cyber Security Tip ST08-001)
If anti-virus software determines or you have reason to believe that you are infected with this worm, please contact our office at lsu-itsecurity@lsu.edu.
Additional Information about the worm can be found here:
Symantec Website - (Removal Tools available here)
Microsoft Security Bulletin MS08-067
This announcement posted Wednesday, March 25, 2009