We patched for MS08-067 and have been yet to see it here. On Fri, Mar 20, 2009 at 10:04 AM, Kennedy, Jim <[email protected]> wrote: > > Regular users on fully patched XP and you are screwed. Been there done that > got the crappy T-Shirt. Not giving you a hard time but that is what I am > seeing. And have seen it and verified it at multiple other places. I got > lucky and saw it early and shut it down. I know some pretty big (22K users) > places that got totally over run by it. > > At this point the only thing keeping us alive is the svchost key with only > read rights for everyone, including system. > > >> -----Original Message----- >> From: Michael B. Smith [mailto:[email protected]] >> Sent: Friday, March 20, 2009 12:59 PM >> To: NT System Admin Issues >> Subject: RE: April 1st Conflicker Version C to erupt >> >> I do not know the answer to this, but based on what I've read about the >> infection vector, as long as you don't run as admin I suspect you'll be >> ok. >> At least on Vista and above. >> >> -----Original Message----- >> From: Kennedy, Jim [mailto:[email protected]] >> Sent: Friday, March 20, 2009 11:52 AM >> To: NT System Admin Issues >> Subject: RE: April 1st Conflicker Version C to erupt >> >> MS and the Anti-Virus vendors have really have let us down on this one. >> >> >> > -----Original Message----- >> > From: Ziots, Edward [mailto:[email protected]] >> > Sent: Friday, March 20, 2009 11:37 AM >> > To: NT System Admin Issues >> > Cc: [email protected] >> > Subject: April 1st Conflicker Version C to erupt >> > Importance: High >> > >> > Folks, >> > >> > Seeing quite a bit of activity with Conflicker, and on April 1st >> > according to the following site. Its going to erupt with a lot of >> > malicious activity ( port 80 outbound, P2p, mass infection, so >> > definitely get your systems patched, and AV, Signatures, HIPS >> updated) >> > Just dealt with a bout of this worm today. >> > >> > http://mtc.sri.com/Conficker/addendumC/ >> > >> > Sincerely, >> > Z >> > >> > Edward Ziots >> > Network Engineer >> > Lifespan Organization >> > MCSE,MCSA,MCP+I, ME, CCA, Security +, Network + >> > [email protected] >> > Phone:401-639-3505 >> >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > >
~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
