The IT Law Wiki


32,057pages on
this wiki
Add New Page
Add New Page Talk0

Definition Edit

Conficker (also known as Downup, Downandup, Conflicker, and Kido) is a computer worm that surfaced November 21, 2008, with Conficker.A and targets the Microsoft Windows operating system.

Overview Edit

The worm exploits a known vulnerability (MS08-067) in the Windows Server service used by Windows 2000, Windows XP, Windows Vista, Windows Server 2003, Windows Server 2008, and Windows 7 Beta.

The Conficker worm spreads itself primarily through a buffer overflow vulnerability in the Server Service on Windows computers. The worm uses a specially crafted RPC request to execute code on the target computer.

When executed on a computer, Conficker disables a number of system services such as Windows Automatic Update, Windows Security Center, Windows Defender and Windows Error Reporting. It receives further instructions by connecting to a server or peer and receiving a binary update. The instructions it receives may include to propagate, gather personal information and to download and install additional malware onto the victim's computer. The worm also attaches itself to certain Windows processes such as svchost.exe, explorer.exe and services.exe.

In addition, there were several variants of the worm circulating, with the later variants deploying a number of countermeasures to preclude detection by security applications and block legitimate system updates.

See also Edit

Source Edit

Also on Fandom

Random Wiki