COMPUTING ALERT: Avoid theConficker Worm

Security Bulletin of March 31, 2009

Overview

Further Assistance

Other Bulletins
Recent CERT Alerts

COMPUTING ALERT: Avoid the Conficker Worm

You may have been hearing about the Confickr worm in the news lately – many security sites are reporting that this worm may attack on April 1st. Confickr is a worm, a malicious program that can infect an unpatched Windows computer without obvious symptoms. If a computer is infected, it is vulnerable to an outside attack. Take a few minutes to make sure that your computer is protected and not infected by Confickr.

First, make sure that your Windows computers are up to date for Microsoft Windows Updates (see http://www.haverford.edu/acc/docs/general/osupdates.html ).
Second, make sure that your antivirus software is up to date (see http://www.haverford.edu/acc/virus)
Third, this worm disables a computer’s ability to do Windows updates and antivirus software updates. Therefore, if your computer is infected with the worm, you will not be able to update Windows or browse to certain websites that are used to update your computer. In order to determine whether your computer is infected, Windows users should try to open the following URLs in your browser:
http://www.symantec.com/norton/theme.jsp?themeid=conficker_worm&inid=us_ghp_link_conficker_worm
http://www.microsoft.com/protect/computer/viruses/worms/conficker.mspx
http://www.mcafee.com
If you can open these web sites, you most likely do not have the worm. If you cannot open these sites, please contact the Help Desk immediately. Your computer may be infected with conficker or another malware program.

MORE INFORMATION

Additional information about computer security and current threats can be found at the following sites:

United States Computer Emergency Readiness Team (US-CERT ): <https://www.us-cert.gov/nav/nt01/>
McAfee Avert Threat Center: <https://www.mcafee.com/us/threat_center/default.asp>
Microsoft Security: <https://www.microsoft.com/security/>
Apple Product Security: <https://www.apple.com/support/security/>

ACC EMAIL POLICY:

ACC will never request passwords or other confidential information via email. Email is not secure. We will never email an executable file. Instead, if we ask you to take action, we will always refer you to our web site, using an address that starts with the secure "https" protocol -- that way, you know you are downloading a safe file from us.

VERIFY THIS ALERT IS LEGITIMATE:

Before taking an action recommended in an email, please confirm that the email is legitimate. ACC posts a detailed description of all our alerts on our web site, https://www.haverford.edu/acc/bulletins/.

For Questions and Comments, contact Haverford College's Academic Computing Center.
Last updated on March 31, 2009