mirrorshades

Conficker / Downadup

36 posts in this topic

Discrunge? Wtf? Sudo was made as a security feature! If it's not set up properly, then it's vulnerable! Standard Ubuntu disables the root account and uses sudo as a security feature.

And I'm also looking forward to April 1. This will be hilarious. I really don't care what happens to my PC. I have no important data, and Security Center + Automatic Updates are disabled. Just got AVG Free on this puppy.....

Damn, does this mean any Windows computer is potentially going to be infected on April 1st?

Yes, potentially it could infect your PC.

No, it couldn't. Conficker requires the MS08-067 not to be installed. Stop spreading misinformation.

Why would anyone give a shit about this if a patch from October is sufficient protection?

Because 30% of Windows out there don't have it installed.

That's fucking crazy. So 30% of Windows users haven't updated for at least 5 months? Where did you get that 30% number?

http://www.infoworld.com/article/09/01/16/...m_attack_1.html

Based on scans of several hundred thousand customer-owned Windows PCs, Qualys concluded that about 30 percent of the machines have not yet been patched with the "out of cycle" fix Microsoft provided Oct. 23 as security update MS08-067.

Mind you that was in January, so I suspect it might be around 20% or so by now. (but I wouldn't count on it)

No, it couldn't. Conficker requires the MS08-067 not to be installed. Stop spreading misinformation.

Why would anyone give a shit about this if a patch from October is sufficient protection?

Actually, with the B variant, it began spreading using network shares with weak passwords and using USB drives as well. 08-067 has been the primary means of infection, but the way that it's written allows for in-place updates. Meaning... that if another vuln surfaces, the authors could simply release a new version that uses it as the new vehicle.

Also, please move the sudo stuff to another thread. This is a Windows-specific threat.

Damn, does this mean any Windows computer is potentially going to be infected on April 1st?

Yes, potentially it could infect your PC.

No, it couldn't. Conficker requires the MS08-067 not to be installed. Stop spreading misinformation.

Why would anyone give a shit about this if a patch from October is sufficient protection?

Because 30% of Windows out there don't have it installed.

That's fucking crazy. So 30% of Windows users haven't updated for at least 5 months? Where did you get that 30% number?

I don't know where he got that number, but I've seen many reports showing how many folks don't update much. I know that some have trouble with Windows Update then just never try it again. There are also reports of people still using Internet Explorer 5 & 6, which may say something about their upgrading habits. These people alone make a large number of potential hosts. Finally, we have enterprises who patch slowly to prevent downtime. There are patches out there whose negative effects on some applications have never been resolved. I think one of these two explains Conficker, as it mainly targets business computers on Windows domains. I think it exploits slow patching strategy.

Let's not forget all the illegal copies of Windows. IIRC they won't be patched, and I remember reading that a lot of pirated, unpatched machines are out there.


Really didn't know illegal copies didn't update; must just be the bad ones. Got one from the college my brother is at that doesn't use any key, so it has unlimited installs and works fine.

Really didn't know illegal copies didn't update; must just be the bad ones. Got one from the college my brother is at that doesn't use any key, so it has unlimited installs and works fine.

We talk about vulnerabilities and criminal tactics in theory here, but admitting to actual piracy on BinRev will probably get you banned. Be more careful, huh?

Let's not forget all the illegal copies of Windows. IIRC they won't be patched, and I remember reading that a lot of pirated, unpatched machines are out there.

Maybe it was Microsoft's plan (and design) to discourage use of pirated copies of Windows... lulz. Seriously, though, the pirated copies are a problem. There are ways to patch pirated copies but many people who have them don't. Additionally, Microsoft publishes most of their patches as standalone executables. This means a criminal organization could have one legit PC downloading patches, passing validation, and distributing the patches to the pirated machines. I don't mind pirates paying for their stupidity, but I don't like dealing with the huge botnets that result from it.

Odd thought: If Microsoft offered Windows Update to all PCs, pirated or not, would large botnets effectively cease to exist? Or become more uncommon, slower to grow, etc.? Microsoft wouldn't have to pay for the bandwidth: 3rd party sites could host all security fixes in this scheme. I think one could say that Microsoft's anti-piracy efforts are a significant factor in the extreme growth of botnets.

Really didn't know illegal copies didn't update; must just be the bad ones. Got one from the college my brother is at that doesn't use any key, so it has unlimited installs and works fine.

We talk about vulnerabilities and criminal tactics in theory here, but admitting to actual piracy on BinRev will probably get you banned. Be more careful, huh?

I don't believe it would be piracy, as the school gave him the disk, but it could be used as such if someone felt like it. But I wouldn't know; I didn't see a EULA at install or anything. But again, computers aren't really that insecure; it's just when people disable security features and download programs that probably have malware in them.

Edited by dinscurge
Let's not forget all the illegal copies of Windows. IIRC they won't be patched, and I remember reading that a lot of pirated, unpatched machines are out there.

Really didn't know illegal copies didn't update; must just be the bad ones. Got one from the college my brother is at that doesn't use any key, so it has unlimited installs and works fine.

We talk about vulnerabilities and criminal tactics in theory here, but admitting to actual piracy on BinRev will probably get you banned. Be more careful, huh?

I don't believe it would be piracy, as the school gave him the disk, but it could be used as such if someone felt like it. But I wouldn't know; I didn't see a EULA at install or anything. But again, computers aren't really that insecure; it's just when people disable security features and download programs that probably have malware in them.

At any rate, since when do pirated copies of winblows not accept updates? I thought as long as you didn't download the "verify that your copy of windows is legit!" update you were golden.. wtf?
