![]() Seriously, would you actually miss it? In fact, do you actually use it for anything worthwhile at all? Microsoft has an excellent explanation of how to manage the AutoPlay configuration within your network environment at. Apart from the obvious one of having strong antivirus solutions in place and using only strong passwords, there are the perhaps less-obvious ones such as disabling the AutoPlay function. Which is why it’s also important to follow a few other steps to shore up those defences. ![]() First, and it’s worth repeating so I will, install that MS08-067 security update in full – or at least as fully as your network environment will allow, because for bigger and more diverse business applications that can be problematical. When it comes to Conficker, this means doing a number of things. My doctor is very keen on the old maxim that “prevention is better than cure”, and this is exactly the approach you should take when talking about IT security. ![]() ![]() Unfortunately, space prevents me from going through this in detail here, so I suggest that anyone interested visits for the full skinny. Microsoft has also provided an in-depth manual removal solution for those who need to get truly hands-on with this. Oh, and don’t forget to apply the MS08-067 update to all Windows computers in order to prevent a reinfection. Users of the Microsoft Desktop Optimisation Pack 6 at can also use the Standalone System Sweeper tool. When you download the tool from Microsoft Update or from Automatic Updates, and no malicious software is detected on the computer, the tool will run in quiet mode next time. Alternatively, try Microsoft’s Malicious Software Removal tool, which has been updated to remove the Conficker family: this is a standalone binary that you can download (via a clean machine if yours prevents access) from. Second, try the easy approach, by which I mean contacting your security vendor’s support people to see if they have a removal tool available. First, remember that you’ll have to effectively isolate each machine on the network to prevent it being reinfected by others that you’ve yet to disinfect. Assuming that you’re not going to wait for those rogue removal tools to arrive – and there will probably be a few already doing the rounds by the time you read this, even if Conficker itself hasn’t started bombing desktops – then you’ll need to settle upon a sensible removal strategy if you’re unfortunate enough to find the worm residing on your computers.
0 Comments
Leave a Reply. |