eEye Offers Free Utility to Detect Conficker Worm and MS08-067 Patch

Tue Mar 31, 2009 5:27pm EDT
Estimates Peg 9-12 Million Computers Already Infected by Earlier Strains of
Conficker
IRVINE, Calif.--(Business Wire)--
In response to Conficker, a breed of self-updating worms that is difficult to
avoid, researchers at eEye Digital Security (www.eeye.com) have devised a
Conficker detection engine that centers on running a network scan to detect
hosts compromised by or vulnerable to Conficker. As a proactive measure to
protect users, starting today, organizations can download from eEye a free
utility built around the company's Retina Network Security Scanner. The utility
detects hosts that are compromised by this latest worm and malicious botnet, or
that do not have the MS08-067 patch applied; exploiting that vulnerability is
the most effective propagation technique that Conficker uses.

The Retina Utility from eEye can be downloaded at:
http://www.eeye.com/html/downloads/other/ConfickerScanner.html. 

The Conficker worm utilizes a variety of attack vectors to transmit and receive
payloads, including: software vulnerabilities (e.g. MS08-067), portable media
devices (e.g. USB thumb drives and hard drives), as well as leveraging endpoint
weaknesses (e.g. weak passwords on network-enabled systems). The Conficker worm
will also spawn remote access backdoors on the system and attempt to download
additional malware to further infect the host. 

"The Conficker worm represents predictions eEye has been making for years," said
eEye CEO Kamal Arafeh. "Blended threats can take advantage of a missing patch,
propagate through a USB key, create a silent but crippling peer-to-peer network,
and provide the stealthiest capabilities of a botnet using complex command and
control methods. eEye Research has developed solutions to protect against these
threats as monolithic entities and when combined, our solutions are very
effective in identifying and stopping the propagation of blended threats such as
Conficker."

The Retina Network Security Scanner thwarts network exploits and data loss
attacks by analyzing specific pieces of operating systems, applications, and
policies. The tool identifies high-risk host components and determines how
malware such as the forthcoming Conficker worm can potentially leverage systems
for malicious activity due to missing patches, poor configurations, and
vulnerabilities. 

In addition to the detection of the Conficker worm, eEye Digital Security's
Blink Endpoint Protection Platform can effectively protect hosts, even if they
are not patched, from the propagation of this worm. Using protocol-based IPS
analyzers, Blink can detect and stop the malicious traffic associated with
MS08-067 and block the worm from self-propagating. For installations that are
already infected, Blink's multi-layer antivirus engine will remove the Conficker
worm and provide protection until a permanent remediation is performed on the
host.

System Requirements to download eEye Retina Utility for Conficker:

* Operating System: Windows 2000/XP/2003 
* Internet Explorer Version 5.01 or higher 
* System RAM: 128 MB 
* Storage: 20 MB

Related Links & Resources:

The HoneyNet Project: http://www.honeynet.org/papers/conficker/

Felix Leder and Tillmann Werner Analysis:
http://iv.cs.uni-bonn.de/wg/cs/applications/containing-conficker

Microsoft Advisory - 967940:
http://www.microsoft.com/technet/security/advisory/967940.mspx

Microsoft Malware Protection Center: http://tinyurl.com/absz6f

Microsoft Security Bulletin MS08-067:
http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx

SANS - Internet Storm Center: http://isc.sans.org/diary.html?storyid=5860

Shadowserver Foundation:
http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090212

About eEye Digital Security

eEye Digital Security is a leader in vulnerability management, endpoint
security, anti-virus software and IT security research. The company's advanced
security solutions help technology professionals protect the networks and
digital assets of more than 9,000 corporate and government organizations
worldwide. Founded in 1998, eEye Digital Security is headquartered in Orange
County, California. For more information, please visit www.eEye.com. 

All trademarks contained within this press release are the sole property of
their respective owners and are hereby acknowledged.





Agency:
MediaPR
Victor Cruz, 1-401-808-6264
vcruz@mediapr.net
or
Corporate, North America:
eEye Digital Security
Stacy Newman, 1-949-333-1913
press@eEye.com

Copyright Business Wire 2009


