Current Virus Alerts and Virus Advisories Alerts: reported at Johns Hopkins
Advisories: reported by Symantec as widespread
(View the Johns Hopkins blocked host list)
Virus Advisory - 1 April 2009 - "Conficker" -- aka W32.Downadup
Description and Impact. Computer information security analysts have been seeking the origins and effects of a potentially dangerous computer worm called Conficker, which was slated to release its “first wave” of effects on April 1, 2009 (April Fools' Day). While not much happened on April 1, experts generally believe that at some point, rogue systems in the Internet may use infected systems as a "botnet," resulting in an array of possible effects ranging from the display of pop-up windows and adware, to data theft or malicious destruction, to attempts to launch an attack on systems containing sensitive information within government, finance, or industry. The consensus to date is that the worm is "evolving" to make itself better protected against future detection and removal. Prevention, Detection and Removal. Symantec virus definitions dated March 11, 2009 or later detect the three known variants of the worm. Symantec also has a removal tool available for the variants of W32.Downadup. The good news for those who regularly apply Microsoft Windows security patches and run effective and up-to-date antivirus software is that there is little chance your computer has been infected. In October 2008, Microsoft released a critical security bulletin called MS08-067 – Vulnerability in Server Service Could Allow Remote Code Execution (958644) which prevents the Conficker worm from propagating over Windows network connections. Disabling the Windows “Autorun” feature can also prevent the worm from spreading if it has infected removable drives such as USB flash drives or external hard drives. A Microsoft article explains how to disable Autorun on most current versions of Windows. It is also strongly recommended that you scan removable drives using your anti-virus software. Further Information. More information about Conficker is available from these sites: US-CERT: United States Computer Emergency Readiness Team - summary of information and links regarding the worm University of Bonn, Institute of Computer Science IV - tools and information on Conficker produced as part of the Honeynet Project | 
