Unpatched Systems at Risk From Worm, Microsoft Says

Microsoft is seeing an increase in the number of malware attacks exploiting a security hole supposedly addressed by a recent patch.

Microsoft is seeing an increase in the number of malware attacks exploiting a security hole supposedly addressed by a recent patch, the company announced on Wednesday.

The problem stems from a worm dubbed "Win32/Conficker.A." The worm will "propagate on random computers" in an affected Windows-based network, according to Microsoft.

"Recently we've received a string of reports from customers that have yet to apply the update and are infected by malware," said Microsoft Security Response Center spokesman Bill Sisk in an e-mail. "These most recent reports have a common malware family and we urge people who haven't patched their systems to patch them immediately or as soon as possible."

Redmond's concerns had prompted the company to issue an out of band patch to address the problem in late October.

The security hole, and Microsoft's related hotfix, centers on remote procedure call (RPC) technology, which allows subroutine code to execute on other computers in a shared network. What's unique about this RPC vulnerability is that subroutines can be executed without programmer interference. It allows an almost automatic remote interaction between CPUs in a shared processing environment.

One security expert maintained that there is little to be concerned about, that is, unless your system is unpatched.

Randy Abrams, director of technical education at security firm ESET, said that although the vulnerability is bad "there are several mitigations, including disabling file and print sharing, which is generally a baseline sane practice."

Abrams also suggest that the proper use of firewalls wouldn't hurt either.

"The real threat is not worms," he said. "Worms are only automation and they tend to make a lot of noise. Any vulnerability that a worm can exploit can also be exploited by a Trojan, or manually by a skilled hacker. The hacker is far more likely to go undetected and capable of causing far greater harm."

This type of client-side bug is a textbook example why defense-in-depth security practices should be followed by IT pros and individual users alike.

Microsoft offers further details on the specific threats and workarounds in this link.

About the Author

Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.


  • Windows 10 Mobile To Fall Out of Support in December

    Microsoft will end support for the Windows 10 Mobile operating system on Dec. 10, 2019, according to an announcement.

  • Get More Out of Your Outlook Inbox with TakeNote

    Brien comes across a handy, but imperfect, feature in Outlook that lets you annotate specific e-mails. Its provenance is something of a mystery, though.

  • Microsoft Resumes Rerelease of Windows 10 Version 1809

    Microsoft on Wednesday once more resumed its general rollout of the Windows 10 version 1809 upgrade, also known as the "October 2018 Update."

  • Microsoft Ups Its Windows 10 App Compatibility Assurances

    Microsoft gave assurances this week that organizations adopting Windows 10 likely won't face application compatibility issues.

comments powered by Disqus
Most   Popular

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.