Wednesday, January 21, 2009

Kido / Conficker / Downadup is really hard to remove.

In the last week or so there has been a resurgence in the Kido worm that I first saw in November. This is probably due to the malware authors adding some new propagation methods such as spreading via USB flash drives and Windows file-sharing.
These techniques make it hard to remove from a network, as a single computer unpatched against the Microsoft MS08-67 security vulnerability, is able to reinfect the whole network via file shares. Obviously the best thing you can do is make sure that Microsoft’s patch is in place on every vulnerable computer on your network.

I've been interviewed a dozen times (including some TV journals VRT and VTM) and you can find some of the articles at my press page on my website.
The situation in Belgium and the Netherlands is compared to the rest of the world quite good. So did we all use the MS08-067 patch ASAP in the Benelux?
I hope we will have a better improved(read: less infected) worldwide situation soon...