Technology•
on July 14th, 2009•
Today, ISC SANS returned the Infocon status to green. They are hopeful that yesterday’s raising of the status to yellow increased awareness of the vulnerability.
Microsoft has released Windows Updates for multiple issues today, and one directly addresses the ActiveX vulnerability that caused the Infocon status to increase to yellow yesterday. Microsoft customers are recommended to deploy the new updates soon, in particular those rated with a Critical classification.
Read more about Microsoft’s latest updates along with executive summaries here, Microsoft Security Bulletin Summary for July 2009
Keenpath’s Recommended Action:
Those with Automatic Updates enabled will receive the latest updates and they will be automatically installed
For more control over how the updates are deployed, Microsoft Windows Server Update Services (WSUS) are recommended to approve and install the updates
Technology•
on March 31st, 2009•
This is one well-designed piece of malware – Bruce Schneier, Schneier.com
Get started on understanding Conficker
The Conficker worm has infected millions of computers using the Microsoft Windows operating system since its debut in October 2008, and on April 1, 2009 will begin communicating using a new algorithm that has security organizations up in arms regarding what it will do next.
Consumers need to deploy basic but effective security measures
Recommendations for consumers:
- Run Windows Updates, installing the latest Critical and Security updates.
- Install and update reputable antivirus software
- Make sure the built in Windows OS firewall is enabled, or install third party firewall
A simple way to check all of the above is to go into Control Panel, then Security Center to check security end points.
Microsoft created a page for consumers on what you need to know, you can view it here. They also created a page for IT Professionals, which can be viewed here.
Technology professionals need to use advanced tools
DoxPara Research has released some tools, in collaboration with other security researchers, for technology professionals to scan their networks using simple, but effective scan tools. To download the tool from DoxPara, go here, as well to learn more information regarding some popular security tools, such as nmap’s release of the detection logic.
Add another layer of protection using OpenDNS
OpenDNS continues to live up to its mission to make your network safer, more secure, and reliable by providing Botnet Protection. Set up a free account here and help further secure your network.
Remediation software
In the event Conficker is found on your computer, utilize your antivirus software to do a full scan, but also check out this list of third party remediation (removal) software from the Internet Storm Center.
Time will tell
Time will certainly tell the effects of what this well designed malware will have on computers running Microsoft Windows. All in all, with good, basic security measures in mind and put in to practice, as well with the help of organizations combined efforts such as with the Conficker Working Group, the effects will hopefully be reduced and quarantined appropriately.
