Tuesday, May 1, 2012

Why is Conficker still around?

Seeing this article and this article and this article about Conficker is really kind of discouraging. How could something that should have gone through its life cycle a few years ago still be infecting the number of machines that it is today? According to Microsoft, infections seem to be steadily increasing ... almost 3 years later. Yeah, it might be hard to get off of a corporate network, but you would think over time things would eventually get patched and cleaned up enough to slow this thing down. That's apparently not the case. If it is really as simple as patching systems and using better password policies, why is this thing still running amok? Part of the problem is that Conficker shuts down Windows updates and a lot of the anti-malware tools. Then all kinds of other malware can jump right in and set up shop, as this article shows. Nothing good at all can come from malware working together. Whether it was intended or not, not cool at all. Time to get back to basics and take control of our networks. Find the problems, clean up, and close up the holes. Yeah, wish it was really that simple.