back to article One in ten PCs still vulnerable to Conficker exploit

Many systems are still unprotected against the Conficker superworm, weeks after the malware began spreading across the internet creating a huge botnet of compromised machines thought to number in the millions. Data from enterprise users of Sophos's Endpoint Assessment Test, which checks the state of Windows PC patching and …


This topic is closed for new posts.
  1. Anonymous Coward

    Related to SupportOnClick ?

    Could the recent update to conficker be related to the Cold Calling Spyware scam and the way some people were unable to shutdown etc & then got contacted by Supportonclick?

  2. Daniel

    It would help if the patches had more intuituve names

    Some things deserve cryptic names: car parts, book ISBNs, the numbers that appear under bar codes. However, I'd suggest that security patches for computers don't fall into this category, if it means that 10% of PC users can't even seem to figure out if they're vulnerable, or not.

    Ask a user whether they've installed the MS08-067 patch (which, for clarity's sake, is also known by the catchy moniker of "KB959644"), and you might as well have asked them whether their car used LFR5AP -11 spark plugs or BPR6ES-11s!

    Why not call it 'The Confiker Patch', or 'That Security Update We Issued Last October'?

  3. Anonymous Coward
    Anonymous Coward

    OH NOES!

    OH NOES!!!

    There are 10 PCs in this room, that means that one of them is a Communist!


  4. Mike

    Re: Oh Noes

    "Apparently, 1 in 5 people in the world are Chinese. And there are 5 people in my family, so it must be one of them. It's either my mum or my dad. Or my older brother Colin. Or my younger brother Ho-Cha-Chu. But I think it's Colin."

    - Tommy Cooper

  5. Anonymous Coward
    Anonymous Coward

    11 per cent is more like 1 in 9 than 1 in 10

    Assuming you are reporting the figure accurately, 11 per cent is much closer to 1 in 9 than it is to 1 in 10, so why round down rather than up?

  6. Justin Clements
    Jobs Horns

    oh no!!!

    How do I protect my Mac?

    Ah yes, I don't. I pay the "Apple Tax" that ensures that chavs don't buy into high priced gear, leaving us with a nice minority OS that no one bothers trying to hack.

    Seriously guys, how much more money do you guys have to spend on security over the "Apple Tax"?

  7. Anonymous Coward

    RE: the sub head

    No actually I'm not scared now. Wasn't scared when the hyped machine started rolling on this and wont be scared tomorrow. Come on guys, do we really need to keep re hashing this and giving this worm more press than it deserves. Not to mention trying to cause a panic? It's really getting very tiresome.

  8. Dana W
    Jobs Halo

    @ Justin Clements

    Its called security. You should try it sometime. And by minority OSes, do you mean say, Vista? Its about as popular as a herpes sore.

    Funny, if we Mac users represent the top ten percent of big spenders, you would think we would be a high level target, platinum card numbers and such. "Sadly, looking into my checking account this is not the case"

    If you can't figure out why NT is less secure than Darwin Unix, you are simply trolling, a Microsoft fudster, or just a little slow. And only the third rates any sympathy.

    Three Macs, Well two Macs and a Hackintosh EEE PC , security budget ZERO, infections ZERO, hassle ZERO. I don't know where you live, but if you look at US LAPTOP sales. We are well over ten percent. In new sales something a bit under one in three, We are not such a minority anymore.

  9. Apocalypse Later

    Why bother?

    Why should anyone bother with Conficker protection now? Didn't we all get the news on April 2nd that it was another dud like the millennium bug? That is was just more hype by the anti-virus vendors and nothing happened on "D-Day" April first? Doesn't anyone pay attention to our helpful mainstream news outlets anymore? They warned us of impending doom, then revealed it was all chicken little crying wolf again. Forget Conficker, it's time for a new sensation.

  10. John Smith Gold badge
    Thumb Down

    So is parliament still infected?

    Just asking.

    ISP's still can't get round to letting the most annoying group of their users why people are finding them *so* annoying.

  11. Anonymous Coward
    Anonymous Coward

    Grammatical Oh Noes

    ! in 5 people in the world IS Chinese, you mean. ;)

  12. yossarianuk

    mine's not !

    There is no linux version yet - maybe its coming like chrome ?

  13. Anonymous Coward
    Anonymous Coward

    RE:AC @15:49 GMT

    Rounding up would be sensationalist. We wouldn't want that, would we?

  14. Ron Haworth

    Still Cheaper and who cares?

    Justin, I pay $39.95 a year for a 3 user license to protect my Windows machines. Still way cheaper than a MAC. But in case everyone hasn't noticed, most of the infected machines are ones running pirate copies of XP in places like China. These machines don't pass Windows Genuine Advantage scrutiny and thus the needed patch won't install. Conficker for the most part didn't infect the large numbers of PC's in North America and Western Europe that its authors had hoped for. With the patch widely deployed and anti-virus companies hot on Conficker's ass I doubt that it will spread much more in the regions just mentioned. So if Conficker's masters want to infect Chinese, Indian, and Russian computers running non-genuine copies of XP with a English version of the rogue SpywareProtect2009 who cares? Have fun with that guys.

  15. Anonymous Coward

    RE: Still Cheaper and who cares?

    >>if Conficker's masters want to infect Chinese, Indian, and Russian computers running non-genuine copies of XP with a English version of the rogue SpywareProtect2009 who cares?

    You'll care when they create the largest botnet ever known, then flood the net with unprecented volumes of spam and DDOS attacks.

    Or maybe you won't.

  16. Pascal Monett Silver badge

    I got an even cheaper deal

    I have a hardware firewall, a free anti-virus and I use Firefox.

    Haven't had a problem in the past six years.

  17. Adam Silver badge

    @Ron Haworth

    opendns say infection rates are:

    Russia, Malaysia 3%; Italy 4%; USA, India 5%; Algeria 7%; Indonesia 10%; Philippines 11%; Brazil 12%; Vietnam 13%

    and all other countries less that 3%, so it looks like those Chinese, Indian and Russian computers aren't any worse off than the North Americans.

  18. Anonymous Coward

    A couple of points

    "Data from enterprise users of Sophos's Endpoint Assessment Test, which checks the state of Windows PC patching and anti-virus protection, suggest 11 per cent of users have failed to install the MS08-067 patch that guards against the vulnerability exploited by Conficker."

    These result will be somewhat skewed. People who are clued up enough to care about security will patch regularly and therefore probably won't use something like the endpoint assessment test. People who aren't clued up at all probably wouldn't use it either. So the figures apply to a fairly small subset of users.

    Secondly and more importantly the MS08-067 only guards against one of conficker's attack vectors. Too much publicity is given to this particular attack vector, I've found plenty of infected computers which had the patch applied long before they were infected, but the infection came via the autorun feature. The victims have all thought they were protected because they had applied the patch. Please don't enforce the belief that the patch alone will protect against conficker.

  19. Anonymous Coward
    Anonymous Coward

    Mandatory Updates

    I'm sure that Microsoft brought this out as a Critical Update and most systems have Automatic Updates enabled so I'm surprised that the number is so high. I do think its mad calling it by its patch name and not by a name like "Confiker Patch"

    I've ran checks on the home PC's and laptops and we're all patched. Mind you - I use a whole range of spyware protection tools so it probably never had the chance to get on in the first place.

    As I understand it, the worm contacted a set of known DNS addresses. Perhaps cutting users off from the internet and providing them with a landing page with all the clean-up tools would allow the non-tech able the chance to fix their machines when its detected that then worm is trying to get to these sites.

  20. Anonymous Coward

    Scared yet? Eh? Eh?


  21. Daisy O'Byrne

    Eh? Eh?

    Is your headline writer Canadian? He/she's adopted our national "eh"!

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2022