CONFICKER/DOWNADUP
Monday, March 30th, 2009Organizations with whom we work have assured us that the patch necessary to protect against CONFICKER/DOWNADUP has been updated to computers we support. Antivirus software that is deployed and managed by the organizations we support should also further protect your computer.
Despite the protection that has been deployed, one potential vulnerability found is when staff introduce infected USB keys or external hard drives and iPods to the network. If they do not have necessary protections on their home computers and they are infected, there is a chance the virus can be transferred to a removable hard drive and that hard drive could infect a work computer when it is plugged in. We strongly encourage staff to be careful on their home computers, especially if there is a data thread that can link the home computer with a work computer by way of a removable storage device. Please recommend your staff install the patch below on their home computers if the are Windows-based and to be careful with what they put on removable data drives. I recommend that a removable drive only be plugged in when it is needed, to save or transfer a file from the computer to the device; then remove it immediately. This won’t completely protect you, but it could minimize exposure.
Ideally, staff should consider not using removable drives with computers that are not on their work network or have not been configured to comply with their organization’s security, wherein we have a controlled environment. The exception is if they have assurances that the non-work computer is completely protected with bellwether antivirus, antispyware and firewall products. At this time, even work laptops should be considered a risk unless they are on the organization’s network often enough to update remotely. If you have any laptops at staff homes, may I suggest you ask them to bring them in so we can make sure they are up-to-date?
Patch for home computers: http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx
