1 In 3 Windows PCs Still Vulnerable To Worm Attack

CWmike writes "The worm that has infected several million Windows PCs, Downadup or 'Conficker,' is having a field day because nearly a third of all systems remain unpatched 80 days after Microsoft rolled out an emergency fix, security firm Qualys said. Downadup surged dramatically this week and has infected an estimated 3.5 million PCs so far, according to Finnish security company F-Secure Corp. The worm exploits a bug in the Windows Server service used in Windows 2000, XP, Vista, Server 2003, and Server 2008. Qualys' CTO said, 'These slow [corporate] patch cycles are simply not acceptable. They lead directly to these high infection rates.'" This is indicative of why some are calling for Microsoft to rethink Patch Tuesday, as reader buzzardsbay pointed out.

Get any work done?

[drewzhrodague]

Jeez, with virus scanners, several types of automatic updates, and other gadgety things polluting the standard corporate desktop, it is a wonder that people can get any work done on their PCs anyway. Six Inches of Air.

Not that bad considering it's Windows

[jerep]

If my years of tech support taught me anything it's that 9 out of 10 Windows users are more damaging to computers than anything else.

blackhat thoughts

[Kartoffel]

With all this talk of Microsoft losing money, maybe they should get into the botnet business for themselves. Vertical integration!

Re:Not that bad considering it's Windows

[ColdWetDog]

Worse than that... It's OPEN SOURCE's fault:

"By using the exploit from the Metasploit module as the code base, a virus/worm programmer only needs to implement functions for automatic downloading and spreading," said Xiao Chen, a McAfee security researcher, in an entry to the company's blog. "We believe that this can be accomplished by an average programmer who understands the basics of exploitation and has decent programming skills.

"It's obvious that worm writers are abusing open-source tools to their advantage to make their work easier," Chen added.

You all ought to be ashamed of yourselves...

That's nothing

[ZeroExistenZ]

My PC is vulnurable to butterflies. I estimate 90% of all windowsmachines could be as well.

Immune

[Alsee]

I'm immune to the worm. I'm still running Windows98 and it doesn't have "Windows Server service" and all that other wormbait crap.

Oh, hold on.... I'll be right back. I've been online 40 minutes and I need to reboot.

-

Re:router

[corsec67]

The very nature of a router is to use NAT.

No, the very nature of a router is to... route.
Or do the core internet routers also NAT?
Is China behind a large NAT? (This will probably be true in 2015, so hello people from then)

Re:router

[jrumney]

My ISP has a router installed on my internet connection, so I must be safe right?

Re:Genuine Advantage Validation

[Anonymous Coward]

Thank you Captain Widely-Spanning Representative Sample!

Re:Immune

[oahazmatt]

And here I thought you didn't attract worms because you walk without rhythm.

Re:blackhat thoughts

[sgt scrub]

I can hear it now.

worm developers!
worm developers!
worm developers!

Re:blackhat thoughts

[ArhcAngel]

I don't think McAfee or Symantec would like Microsoft worming in on their territory.

Re:Not an easy calculation

[Anonymous Coward]

Ubuntu