Microsoft: Worms are most prevalent security problem

Microsoft's latest security report finds that the Conficker worm is still circulating in enterprises

The Conficker worm continues to be one of the most prevalent threats facing PCs running Windows, according to a new security report published by Microsoft.

For the first six months of the year, Microsoft found that more than 5 million computers were infected with Conficker, according to its latest Security Intelligence Report.

Conficker spreads either by exploiting a vulnerability in the Microsoft Windows Server service, through infected removable media or brute-forcing weak passwords on other PCs.

Conficker alarmed Microsoft so much when it appeared that Microsoft issued an emergency patch in October 2008 for the software vulnerability that allowed it to spread rapidly.

The worm is still circulating, mainly in enterprises, said Vinny Gullotto, general manager of the Microsoft Malware Protection Center. Due to its password-cracking ability, if Conficker gets on one PC in a company, it can often then rapidly spread.

Microsoft collects data on infections from its free security products such as Windows Defender, the Malicious Software Removal Tool (MSRT), Security Essentials as well as ones the company sells.

Another worm -- called Taterf -- took the number two spot for the most infections at 4.9 million. Taterf steals authentication and account information for massively multiplayer online games such as World of Warcraft and Lineage, among others, and spreads through infected drives such as a USB stick or an infected network drive.

Microsoft did see a decline of machines infected with Zlob, a notorious Trojan horse that spread by tricking people into believing it was actually a media codec, which is software used to encode and decode audio or video.

Microsoft's free tools such as MSRT will remove Zlob. For the first half of the year, Microsoft saw only 2.3 million infections, dropping drastically from the 21.1 million infections the company counted for the same period a year prior.

Gullotto said that Microsoft received an e-mail from the supposed creators of Zlob saying that they were now "closing soon." The e-mail, in broken English allegedly from "Russia," complimented Microsoft on responding quickly to the threats.

But it's just a small victory, as there are plenty of other security problems. Fake antivirus programs are among those.

The programs, which look like legitimate security software but do not work, badger people with pop-up menus saying their computer is infected. The annoying messages only subside after buying the software for as much as $60.

Microsoft continues to add detection for new families of rogue antivirus software in products such as Windows Defender and the MSRT, Gullotto said. Fewer PCs were found to have been infected in the latest reporting period: 13.7 million versus 16.8 million computers for the second half of 2008.

Different regions faced different threats. Trojan horse programs -- which can download other malicious software -- were the biggest threat in the U.S., U.K., France and Italy. Malicious software aimed at online banking was problematic in Brazil, while worms were a dominant threat in Spain and South Korea, Microsoft said.

Gullotto said Microsoft also saw a continuing trend for hackers to attack third-party software. For computers running Windows Vista, 84.5 percent of the browser-based exploits targeted third-party software rather than Microsoft's.

Vista implemented an array of new security features designed to reduced its vulnerability to attack. For the weaker Windows XP OS, 56.4 percent of the browser-based exploits targeted Microsoft software rather than that of third parties. Windows 7, which was just released commercially last month, is not included in the figures.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jeremy Kirk

IDG News Service
Show Comments

Cool Tech

Breitling Superocean Heritage Chronographe 44

Learn more >

SanDisk MicroSDXC™ for Nintendo® Switch™

Learn more >

Toys for Boys

Family Friendly

Panasonic 4K UHD Blu-Ray Player and Full HD Recorder with Netflix - UBT1GL-K

Learn more >

Stocking Stuffer

Razer DeathAdder Expert Ergonomic Gaming Mouse

Learn more >

Christmas Gift Guide

Click for more ›

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?