This worm is really troubling Microsoft so much so that the software giant has announced a $250,000 (around Rs 1.25 crore) reward for information that results in the arrest and conviction of those responsible for illegally launching the Conficker malicious code on the Internet.

The company has also announced a partnership with technology industry leaders and academia to implement a coordinated, global response to the Conficker (aka Downadup) worm. Together with security researchers, the Internet Corporation for Assigned Names and Numbers (ICANN) and operators within the Domain Name System, Microsoft coordinated a response designed to disable domains targeted by Conficker.

This is not the first time that the company is offering money to catch worms. In 2005, Microsoft paid out $250,000 to two individuals who helped identify the creator of the notorious Sasser worm. The author was arrested and sentenced by the German authorities. Rewards of $250,000 were offered over three other major computer worm threats known as Blaster, MyDoom and Sobig worms.

Millions of Windows-based personal computers worldwide, including thousands in China and India, have been affected by a family of network worms which goes by the name conficker (also called kido or downadup).

The problem has been compounded since the worm keeps on mutating with new variants and a large number of companies and small and medium businesses have not yet fixed their machines with an emergency patch-up (MS08-067) provided by Microsoft in October 2008 as well as this month.

Anti-virus company F-Secure estimates that 15 million machines have been infected till date, making it the worst outbreak of its kind since a worm called Slammer in 2003.

The worm, according to Microsoft, infects computers across a network by exploiting a vulnerable spot in the Windows server service (SVCHOST.EXE) which could allow remote code execution when file sharing is enabled. Depending on the specific variant (said to have numerous variants), it may also spread via removable drives (USB sticks for instance) and by exploiting weak passwords (password, 12345 and qwerty etc).

It disables several important system services (including email) and security products and downloads arbitrary files (making it difficult to detect).

Even the US Computer Emergency Readiness Team has cautioned that “…disabling AutoRun on Microsoft Windows systems can help prevent the spread of malicious code. However, Microsoft’s guidelines for disabling AutoRun are not fully effective, which could be considered vulnerability.”

You may read the full article here: http://business-standard.com/347182/