Jump to content
bugislive

Downandup/Conficker Infections?

Recommended Posts

Hi,

No I have not sent you a sample.

I am rather surprised that that you appear not to have heard about this particular worm which is in the press and on just about every Internet news site! I take it you have been living in a cave on Mars with your fingers in your ears for the last few weeks?

I am frankly a little disappointed that SAS is not being more pro-active in this area give this is probably the most serious worm released since Sasser and MS Blaster.

Can I suggest that you double check to see if you have included detection for this in SAS (and answer my question) because if you haven't then I will need to recommend alternative software to all of my customers and re-think my recommendation of your software in the future.

Regards

Simon

Share this post


Link to post
Share on other sites
The vulnerability that the worm(s) exploit was patched by Microsoft a month before the worms themselves were seen in the wild, the reason so many are getting hit is lack of Windows Updates, as long as your clients are patched up, they're safe from this one.

Here's the link to the info on the patch from MS: http://www.microsoft.com/technet/securi ... 8-067.mspx

note: This vulnerability doesn't exist in Vista or Server 2008

The link no longer works. Here is some information from Microsoft. It looks newer than a month ago.

http://support.microsoft.com/kb/962007

http://www.microsoft.com/security/porta ... /Conficker

Some more information.

http://www.f-secure.com/v-descs/worm_w3 ... p_al.shtml

http://www.f-secure.com/v-descs/worm_w3 ... un_a.shtml

Share this post


Link to post
Share on other sites
Hi,

No I have not sent you a sample.

I am rather surprised that that you appear not to have heard about this particular worm which is in the press and on just about every Internet news site! I take it you have been living in a cave on Mars with your fingers in your ears for the last few weeks?

I am frankly a little disappointed that SAS is not being more pro-active in this area give this is probably the most serious worm released since Sasser and MS Blaster.

Can I suggest that you double check to see if you have included detection for this in SAS (and answer my question) because if you haven't then I will need to recommend alternative software to all of my customers and re-think my recommendation of your software in the future.

Regards

Simon

Simon - we of course have been on top of this, and we simply asked if you had additional samples - the more samples we have, the better protection we can offer. So now you can shift your "disappointment" elsewhere :)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×