Microsoft Malware Protection Center

Threat Research & Response Blog

Browse by Tags

  • Blog Post: A Few Quiet Days… and a New Exploit of MS08-067 Has Been Identified

    April 1st is behind us and nothing really happened with Conficker . But it is never boring in the antimalware world. We have found a new exploit of MS08-067 other than Conficker. We also discovered that we already detected and protected users against this new malware. We added information about mitigations...
  • Blog Post: Cashing in on Conficker's Bad Name

    Over the last couple of days we've seen some spam claiming to be from Microsoft, providing a free scan to remove Conficker . Here's an example: The link actually takes you to a typical fake online scanner page used to serve up a rogue security scanner: In this case the page tries to get you...
  • Blog Post: Information about Worm:Win32/Conficker.D

    Over the past several months, Microsoft has received reports on 4 different variants of the Conficker worm, the latest being Worm:Win32/Conficker.D (also known as Downadup.C, and the subject of a number of recent press articles labeling this variant as Conficker.C; see Win32/Conficker for a chart distinguishing...
  • Blog Post: Centralized Information About The Conficker Worm

    Since the time Microsoft released security update MS08-067 , we have released information about MS08-067 exploits and specifically about the Conficker worm in our malware encyclopedia and in multiple blog posts for example here . This blog provides a summary of the available information Microsoft has...
  • Blog Post: Updated Conficker Functionality

    We’ve been getting questions from some of our customers about a new sample of Win32/Conficker , dubbed by some as Conficker.B++. We’re aware of this sample and our definitions already detect this sample as Worm:Win32/Conficker.B , but given the new functionality described in this blog post, we’re updating...
  • Blog Post: Birthday Problem and Conficker

    Hide behind huge numbers, making fighting against very expensive Birthday problem or paradox is the probability that, from a given set of people, two of them will have the same birthday. It is a paradox because the result defies common sense. For a group of 23 people, the chance that two of them share...
  • Blog Post: MSRT Released Today Addressing Conficker and Banload

    Back on Oct. 23, 2008, Microsoft released a critical security update for Windows: MS08-067 . Isolated attacks existed at the time of the bulletin release and in our blog we strongly recommended installing the security update as quickly as possible. Later, a few trojans that exploit this vulnerability...
  • Blog Post: Just in time for New Year's....

    Hello again from Melbourne! We've seen another resurgence of Worm:Win32/Conficker , this time as Worm:Win32/Conficker.B . We've already received a number of reports of this new variant from the wild from affected users. Not surprisingly, a majority of the new infections we’re seeing are on machines...
  • Blog Post: More MS08-067 Exploits

    As expected, we are seeing another wave of attacks exploiting the vulnerability detailed in security bulletin MS08-067. Early last week we blogged about MS08-067 exploits. At that time, the number of exploits in the wild was still low and they were mostly targeted attacks. However, during the weekend...
  • Blog Post: SIRv12: The obstinacy of Conficker

    Conficker is one of the most significant threat families facing organizations worldwide today; its initial impact along with its continued obstinacy shows that clearly. In the fourth quarter of 2011 – three years after its initial release – it attempted to infect just over 1.7 million computers...
  • Blog Post: Win32/Conficker Variants Update

    There have been new developments in the Conficker arena within the past couple of days. We would like to inform those who are concerned that the MMPC is working to make sure you have the information you need, first to be protected from any threat; and second, to provide you with a full understanding...