It’s amazing how relaxed people can get about Windows Updates without a severe worm or virus every year or so. A patch released by Microsoft in October still has not been installed in as many as 35% of all affected machines, the largest portion of which are corporate computers. As a result of shere negligence on the part of IT staff and users a new botnet is growing at an alarming pace.
Downadup/Conficker is pretty unique in the way that it allows an unscrupulous individual to control the infected computers. It attempts to access random domain names each day according to timestamps on Google which the purveyors of the botnet can register, setup a site and control all of those that connect.
The estimated infected machines yesterday = 3,521,230
The total estimated infected machines today = 8,976,038
That is a serious increase in a single day and is rivaling both Blaster and Sasser’s numbers from 2001/2004. Microsoft said that 1.5 million people downloaded the Sasser removal tool in 2 days and computer repair companies were overwhelmed for weeks cleaning up the mess. It will be interesting to hear what the numbers are for Downadup once this whole thing is over with.
The real problem here is with people that have not updated their machines. It was the same scenario with both Blaster and Sasser with a patch that was available but never installed by computer owners. An interesting note here is that as much as people dislike Windows Vista it is one of the less infected groups of computers.
Check It Out> Microsoft, F-Secure, Information/Download Removal Tool
No Comment