Skip to main content

Patching against the Conficker worm

The Win32Conficker worm takes advantage of a vulnerability in the Server service of pretty much all versions of Windows and allows a remote attacker to take control of the infected computer.

According to Microsoft "Most anti-virus software could detect and block the Conficker worm, so if you have updated anti-virus software on your computer, you are at a much lower risk of being infected by the Conficker worm."

However, it is also recommended to ensure your Windows OS is patched so that you are not vulnerable to the threat.  In order to ensure you are patched against this nasty piece of work please follow the steps below...

1. Find out what version of Windows you are running

  • Hold down the Winlogo button (looks like the Windows icon) and tap once on R
  • Type "winver" and hit Enter
  • You will be able to read off what version of Windows you have, e.g. in the image below I can tell that I have Windows XP Professional with Service Pack 3.

image

2. Download the correct patch for your Windows version

3. Apply the patch

  • Navigate to where you saved the patch and double-click it
  • Follow any on-screen prompts that appear

To find out more about Conficker have a look here:

http://www.microsoft.com/protect/computer/viruses/worms/conficker.mspx

Comments

Popular posts from this blog

Where are SCANPST.EXE and/or SCANOST.EXE?

I sometimes have to deal with customer computers whose Outlook PST or OST files have become corrupted.  Very often the fix is to run SCANPST.EXE on the offending PST/OST file.   However, every time I go to do this I forget where the two executable files are.  Here is where they are on a Vista machine running Office 2007: C:\Program Files\Microsoft Office\Office12 I hope this helps.

WSUS Issues

Was configuring WSUS on a Server 2016 VM for a customer recently and found the performance to be very sluggish and most of the time the client PCs would time-out and throw an error message when trying to check for updates. After much digging on different forums I came across a fix that worked nicely: Open Internet Information Services (IIS) Manager and click on Application Pools Then Right-Click on your WsusPool instance and choose Advanced Settings Scroll down to Private Memory Limit (KB) and change it from the default of 1843200 to 0 which means unlimited. Then right-click and stop the WsusPool and then start it again. Hope this works for you.

APC PowerChute Network Shutdown - Authentication Phrase

​Was installing  APC PowerChute Network Shutdown (PCNS) on a customer’s server and couldn’t find a record of the Authentication Passphrase that I set ages back on their Smart UPSes Network Management 2 Card. So I went to reset it on the card and start anew… it took a lot of digging to find it on their particular release of firmware: Go into the UPS tab, then into “shutdown” inside the “Configuration” category: You may then need to change the passphrase being used on other servers. To do this, open up PCNS in your browser and click into the area shown below: