Skip to main content
Skip to main content
Microsoft Security Intelligence
Cart 0 items in shopping cart
Sign in
30 entries found. Displaying page 1 of 2.
Updated on Sep 20, 2015

Windows Defender detects and removes this threat.

This worm makes changes to you PC and can disable important system services and security products, like antimalware or antivirus software.

It spreads by infecting PCs on your network, removable drives (like USB flash drives), and weak passwords.

Find out ways that malware can get on your PC.

Alert level: severe
Updated on Sep 20, 2015

Microsoft security software detects and removes this threat.

This family of worms can disable several important Windows services and security products. They can also download files and run malicious code on your PC if you have file sharing enabled.

Conficker worms infect PCs across a network by exploiting a vulnerability in a Windows system file. This vulnerability is described and fixed in Security Bulletin MS08-067.

Some worms can also spread via removable drives and by using common passwords.

Find out ways that malware can get on your PC.

Alert level: severe
Updated on Apr 11, 2011
WinNT/Conficker is a trojan component of Worm:Win32/Conficker that aids in restarting the TCP/IP service.
 
Microsoft strongly recommends that users apply the update referred to in Security Bulletin MS08-067 immediately.
 
Microsoft also recommends that users ensure that their network passwords are strong to prevent this worm from spreading via weak administrator passwords. More information is available here.
 
Microsoft also recommends that users apply an update that changes the AutoPlay functionality in Windows to prevent this worm from spreading via USB drives. More information is available in the Microsoft Knowledgebase Article KB971029.
Alert level: severe
Updated on Nov 24, 2015
Microsoft security software detects and removes this worm.
 
Worm:Win32/Conficker.B!inf is the detection used for the autorun.inf files created by Conficker.B when it attempts to spread through mapped and removable drives.
For more information, please see Worm:Win32/Conficker.B.

Worm:Win32/Conficker.B is a worm that infects other computers across a network by exploiting a vulnerability in the Windows Server service (SVCHOST.EXE). 

If the vulnerability is successfully exploited, it could allow remote code execution when file sharing is enabled. It may also spread through removable drives and weak administrator passwords. It disables several important system services and security products.

Microsoft strongly recommends that users apply the update referred to in Security Bulletin MS08-067 immediately.

Microsoft also recommends that users ensure that their network passwords are strong to prevent this worm from spreading via weak administrator passwords. More information is available here.

Microsoft also recommends that users apply an update that changes the AutoPlay functionality in Windows to prevent this worm from spreading via USB drives. More information is available in the Microsoft Knowledgebase Article KB971029.

Alert level: severe
Updated on Dec 14, 2019
Alert level: severe
Updated on Oct 07, 2013

Windows Defender detects and removes this threat.

This worm spreads by infecting computers on your network, removable drives (such as USB flash drives), and weak passwords.

It disables important system services and security products, such as antimalware or antivirus software.

Alert level: severe
Updated on Jun 29, 2014

Windows Defender detects and removes this threat.

This worm can stop some security products from working properly, such as your antivirus software.

It spreads using peer-to-peer (P2P) connections to infect any PC on your network. It can also infect removable drives (such as USB flash drives), and exploit weak passwords.

Alert level: severe
Updated on Apr 11, 2011
Worm:Win32/Conficker.E.dll is a component of the Win32/Conficker family.  It is installed to machines already infected with Conficker.B, .C, or .D variants as an update via Worm:Win32/Conficker.E’s payload.
 
Microsoft strongly recommends that users apply the update referred to in Security Bulletin MS08-067 immediately.
 
Microsoft also recommends that users ensure that their network passwords are strong to prevent this worm from spreading via weak administrator passwords. More information is available here.
 
Microsoft also recommends that users apply an update that changes the AutoPlay functionality in Windows to prevent this worm from spreading via USB drives. More information is available in the Microsoft Knowledgebase Article KB971029.
Alert level: severe
Updated on Aug 05, 2013

Worm:Win32/Conficker.gen!E is a generic detection for a worm that infects computers across a network by exploiting a vulnerability in the Windows Server service (SVCHOST.EXE). If the vulnerability is successfully exploited, it could allow remote code execution when file sharing is enabled. It may also spread via removable drives, network shares and weak administrator passwords. It disables several important system services and security products.

Alert level: severe
Updated on Apr 11, 2011
Worm:Win32/Conficker.A is a worm that infects other computers across a network by exploiting a vulnerability in the Windows Server service (SVCHOST.EXE). If the vulnerability is successfully exploited, it could allow remote code execution when file sharing is enabled.
 
Microsoft strongly recommends that users apply the update referred to in Security Bulletin MS08-067 immediately.
 
Microsoft also recommends that users ensure that their network passwords are strong to prevent this worm from spreading via weak administrator passwords. More information is available here.
 
Microsoft also recommends that users apply an update that changes the AutoPlay functionality in Windows to prevent this worm from spreading via USB drives. More information is available in the Microsoft Knowledgebase Article KB971029.
Alert level: severe
Updated on May 26, 2010
Worm:Win32/Conficker.gen!B is a generic detection for a worm that infects other computers across a network by exploiting a vulnerability in the Windows Server service (SVCHOST.EXE). If the vulnerability is successfully exploited, it could allow remote code execution when file sharing is enabled. It may also spread via removable drives, network shares and weak administrator passwords. It disables several important system services and security products.
 
Microsoft strongly recommends that users apply the update referred to in Security Bulletin MS08-067 immediately.
 
Microsoft also recommends that users ensure that their network passwords are strong to prevent this worm from spreading via weak administrator passwords. More information is available here.
 
Microsoft also recommends that users apply an update that changes the AutoPlay functionality in Windows to prevent this worm from spreading via removable drives. More information is available in the Microsoft Knowledgebase Article KB971029.
Alert level: severe
Updated on May 26, 2010
Worm:Win32/Conficker.gen!A is a generic detection for a worm that infects other computers across a network by exploiting a vulnerability in the Windows Server service (SVCHOST.EXE). If the vulnerability is successfully exploited, it could allow remote code execution when file sharing is enabled.
 
Microsoft strongly recommends that users apply the update referred to in Security Bulletin MS08-067 immediately.
 
Microsoft also recommends that users ensure that their network passwords are strong to prevent this worm from spreading via weak administrator passwords. More information is available here.
 
Microsoft also recommends that users apply an update that changes the AutoPlay functionality in Windows to prevent this worm from spreading via removable drives. More information is available in the Microsoft Knowledgebase Article KB971029.
Alert level: severe
Updated on Apr 11, 2011
Worm:Win32/Conficker.E is a member of the Win32/Conficker family and was proactively detected when first discovered as Worm:Win32/Conficker.gen!A. Conficker.E acts as an update mechansim for previous variants of Win32/Conficker. This variant deletes its own executable on May 3 2009.
 
Microsoft strongly recommends that users apply the update referred to in Security Bulletin MS08-067 immediately.
 
Microsoft also recommends that users ensure that their network passwords are strong to prevent this worm from spreading via weak administrator passwords. More information is available here.
 
Microsoft also recommends that users apply an update that changes the AutoPlay functionality in Windows to prevent this worm from spreading via USB drives. More information is available in the Microsoft Knowledgebase Article KB971029.
Alert level: severe
Updated on May 26, 2010
TrojanDropper:Win32/Conficker.gen!A drops and executes variants of Win32/Conficker. In the wild we have observed this trojan installing Worm:Win32/Conficker.D on affected machines.
 
Win32/Conficker infects other computers across a network by exploiting a vulnerability in the Windows Server service (SVCHOST.EXE). If the vulnerability is successfully exploited, it could allow remote code execution when file sharing is enabled. It may also spread via removable drives and weak administrator passwords. It disables several important system services and security products.
 
Microsoft strongly recommends that users apply the update referred to in Security Bulletin MS08-067 immediately.
 
Microsoft also recommends that users ensure that their network passwords are strong to prevent this worm from spreading via weak administrator passwords. More information is available here.
 
Microsoft also recommends that users apply an update that changes the AutoPlay functionality in Windows to prevent this worm from spreading via USB drives. More information is available in the Microsoft Knowledgebase Article KB971029.
Alert level: severe
Updated on Apr 11, 2011
Trojan:WinNT/Conficker.B is a trojan component of Worm:Win32/Conficker that aids in restarting the TCP/IP service.
 
Microsoft strongly recommends that users apply the update referred to in Security Bulletin MS08-067 immediately.
 
Microsoft also recommends that users ensure that their network passwords are strong to prevent this worm from spreading via weak administrator passwords. More information is available here.
 
Microsoft also recommends that users apply an update that changes the AutoPlay functionality in Windows to prevent this worm from spreading via USB drives. More information is available in the Microsoft Knowledgebase Article KB971029.
Alert level: severe
Updated on Dec 31, 2008
Alert level: severe
Updated on May 13, 2010
Alert level: severe
Updated on Feb 15, 2013
Alert level: severe
Updated on Dec 23, 2019
Alert level: severe
Updated on Jun 14, 2009
Alert level: severe