Encyclopedia entry: Win32/Conficker
Jump to navigation
Jump to search
(Publication) Google search: [1]
Encyclopedia entry: Win32/Conficker | |
---|---|
Botnet | Conficker |
Malware | Conficker_(bot) |
Botnet/malware group | |
Exploit kits | |
Services | |
Feature | |
Distribution vector | |
Target | |
Origin | |
Campaign | |
Operation/Working group | |
Vulnerability | |
CCProtocol | |
Date | 2011 / 17 avril 2011 |
Editor/Conference | Microsoft Malware Protection Centre |
Link | http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?name=Win32%2fConficker (Archive copy) |
Author | Joshua Phillips, Jireh Sanico, Vincent Tiu, Aaron Putnam |
Type |
Abstract
“ Win32/Conficker is a worm that infects other computers across a network by exploiting a vulnerability in the Windows Server service (SVCHOST.EXE). If the vulnerability is successfully exploited, it could allow remote code execution when file sharing is enabled. Depending on the specific variant, it may also spread via removable drives and by exploiting weak passwords. It disables several important system services and security products and downloads arbitrary files.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2011BFR838, editor = {Microsoft Malware Protection Centre}, author = {Joshua Phillips, Jireh Sanico, Vincent Tiu, Aaron Putnam}, title = {Encyclopedia entry: Win32/Conficker}, date = {Error: Invalid time.}, month = Error: Invalid time., year = {2011}, howpublished = {\url{http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?name=Win32%2fConficker}}, }