[tech] [Win] - Update on Conficker/Downadup mitigation methods - Network scanning tools now available
David Adam
zanchey at ucc.gu.uwa.edu.au
Tue Mar 31 13:21:32 WST 2009
On Tue, 31 Mar 2009, AusCERT wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> AusCERT Update AU-2009.0013 - [Win]
> Update on Conficker/Downadup mitigation methods - Network scanning tools
> now available
> 31 March 2009
>
> AusCERT Update Summary
> ----------------------
>
> Operating System: Windows
> Impact: Execute Arbitrary Code/Commands
> Access: Remote/Unauthenticated
> CVE Names: CVE-2008-4250
>
> Ref: AL-2009.0021
>
> OVERVIEW:
>
> Mass scanning of networks for the presence of Windows machines infected
> with the Conficker/Downadup worm is now possible thanks to the discovery
> of unique signature an infected machine presents. [1]
Scanned the UCC subnet with the new nmap version, seems ok. Most machines
should be running Sophos anyway.
[DAA]
More information about the tech
mailing list