(imported topic written by Macideus91)
MS Patch MS08-067 is supposed to keep this thing from populating. Can we be sure. How…and worst case scenario?
This could be a big hit. Could be a chance for BF to shine once again!
-Mike
(imported comment written by SystemAdmin)
Another method to prevent the spread is utilizing the existing Big Fix “Autorun Not Disabled for All Drive Types” Fixlet - which will disable the “auto-run” feature. One of the methods Conficker (Varient C) spreads is by creating an autorun.inf file on removable media - which then auto-runs when inserted into an unpatched system. Disabling auto-run on the PC will at least help curb infected systems from spreading more.
- mike
(imported comment written by BenKus)
Hey guys,
Our partners at Trend Micro have put together a page to deal with Conficker questions:
In terms of what BigFix can do to assist, the main thing would be to double-check MS08-067 and make sure your AV is up-to-date… We have been discussing various other approaches that you can potentially use to detect/clean cornficker if you are infected, but since none of the methods seemed 100% reliable in all situations, we have resisted publishing Fixlets for everyone… Luckily the patch and AV dats for all AV Vendors have been out for a long time so hopefully any computer with BigFix should be well protected.
Ben