[muckshifter]

MS on Conficker.E, patches

Researchers reported that some PCs infected with Conficker received a binary file over P2P. The updated version of the worm, called Conficker.E, starts scanning for other computers that haven't patched Microsoft vulnerability MS08-067. The new update also tells Conficker to contact MySpace.com, MSN.com, eBay.com, CNN.com and AOL.com apparently to confirm that the infected machine is connected to the internet, and blocks infected PCs from visiting some web sites. In another twist, the binary appears to be programmed to stop running on May 3, which will shut off the new functions.

Microsoft has published more detailed information on Conficker.E on its MMPC blog. The company has repeated its guidance regarding the worm: If you have patch MS08-067 installed and your virus database updated, you don't need to worry about Conficker.

Separately, Microsoft announced that it will issue eight security updates on Tuesday, April 14, the most since October 2008. Of them, five are rated "Critical". The updates address vulnerabilities in Windows, Excel, Internet Explorer and ISA Server.

Resources:

http://www.microsoft.com/technet/security/bulletin/ms09-apr.mspx

http://blogs.technet.com/mmpc/archive/2009/04/09/win32-conficker-variants-update.aspx

[Ian]

Thanks Mucks Conficker sound like a nasty little blighter, I wonder how many machines are infected now.

Just checked Windows Update manually to see if there were any interesting optional downloads before patch Tuesday goes live... "Windows Live Essentials" and Powershell were the only ones.

[Abarbarian]

Thanks.