Network Services
April 1, 2009
Conficker is a worm that exploits a vulnerability in Microsoft Windows in order to download and execute malicious code. Fortunately, BDS clients have nothing to worry about, since you are all protected with the latest protection and security updates. For home users who don’t already have an anti-virus program installed, there is software we recommend; we also recommend running Windows Update.
THREAT INFO: Conficker hides its tracks because it uses an enormous number of URLs to communicate with HQ. The first version of Conficker used just 250 addresses each day – which security researchers and ICANN simply bought and/or disabled – but Conficker C will up the ante to 50,000 addresses a day when it goes active, a number which simply can’t be tracked and disabled by hand.
PREVENTION: Run Windows Update and update your anti-virus software as well. Also make sure your anti-virus software is actually running, as Conficker may have disabled it.
April 14, 2009
Zero Day Excel Vulnerability: Hackers are targeting a zero-day vulnerability affecting all current versions of Microsoft Office Excel. Microsoft has publicized workarounds for enterprises as they await a security patch. If exploited, the Excel vulnerability could allow hackers to execute code on a vulnerable system.
THREAT INFO: According to Microsoft, the vulnerability is currently being exploited in “limited and targeted attacks.” The advisory addresses Microsoft Office 2000, 2002, 2003 and 2007, and Office 2004 and 2008 for Mac.
Remain wary of unsolicited Excel documents (.xls) arriving via email. If you don’t absolutely need the document, or if you don’t trust the entity it came from, you should avoid opening it until Microsoft releases a patch.
This vulnerability affects: All current versions of Microsoft Excel for Windows and Mac computers, and Excel Viewer and Office Compatibility Packs.
How an attacker exploits it: By enticing your users into opening maliciously crafted Excel spreadsheets.
Impact: An attacker can execute code on your computer, potentially gaining control of it.
What to do: If you believe you have been affected by this vulnerability, please contact BDS to schedule time to implement the proper steps and install patches.
Conficker Variant: TrendLabs has discovered a new Conficker variant (detected as WORM_DOWNAD.E). It appears that this may be the activity that was supposed to happen on April 1st, 2009. This new variant only affects those PCs that have been previously infected with WORM_DOWNAD.KK.
What to do: If Trend Micro and Symantec products have been patched and you are running the latest engines and pattern files, you are protected from this variant.
• Take caution when searching online for DOWNAD and Conficker information. There are reports of rogue anti-virus packages that are taking advantage of the situation. They will tell you that you are infected and ask you to pay money to download their application, which in many cases turns out to be malware.
• Customers should immediately install patches/updates for MS08-067 and other vulnerabilities as soon as vendors release these patches.
• If your computer behaves abnormally, contact BDS immediately to ensure that you are protected.