Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

3/31/2009
05:01 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Shavlik Offers Free Conficker Protection Tool

Security tool helps companies proactively protect their PCs and networks, as well as attached devices

St. Paul, MN (March 30, 2009) -- Shavlik Technologies, LLC, the market leader in simplifying and automating security and compliance readiness, today responded to industry concern over the new variant of the Conficker virus that security researchers believe will be activated on April Fool's Day.

The Conficker worm is reported to have infected as many as 10 million PCs and its target is businesses that do not regularly update security patches to PCs and servers in the networks. All Conficker needs is to infect one machine to infect the entire network.

"The widely-cited report on the CBS program 60 Minutes last night was helpful in explaining what this virus is, but didn't go far enough to tell viewers that a proactive approach to protecting PCs in an enterprise network is the best defense against this virus," said Mark Shavlik, CEO of Shavlik Technologies.

Shavlik's Data Security Team says there are three ways the Conficker virus is spread:

  • The virus attacks a vulnerability in the Microsoft Server; if an organization's Server was not updated with the patch issued in October, infected PCs can be attacked remotely and taken over.
  • Conficker will also attempt a 'brute force' attack to guess passwords used by corporate networks, and then replicate through shared connections to the network.
  • Once infected, the virus turns off Windows Update services - thereby preventing the machine from obtaining the very patch that would have prevented the initial exploit.
  • The Conficker worm can easily infect Peer-to-peer or removable devices such as a Flash Drive or an iPod with an autorun file that executes once the infected device is connected to a PC. To combat possible infection of this virus, Shavlik is offering a free security tool to help companies proactively protect their PCs and networks, as well as attached devices, from this malicious virus. Go to http://www.shavlik.com/landingpage/20090326-conficker.aspx for a free download of the utility.

    Shavlik is already protecting millions of computers worldwide with Shavlik's NetChk Protect security suite from infection by this variant of the Conficker virus.

    "This is eerily reminiscent of the major worms of five years or more ago, Sasser/Blaster and before that Code Red, that had organizations scrambling to avoid infection. The advice today is the same as then " patch your systems first. This provides the breathing room to then update your firewall and AV technologies," said Chris Schwartzbauer, Senior Vice President, Sales and Marketing, of Shavlik Technologies. "What's also critical to understand is that IT organizations don't have time to waste with limited or integrated tools that don't provide the visibility, automation, and control required to manage proper, system wide updates. For companies that thought they were covered only to be hit with the virus, clearly the proper investment wasn't made on the front end."

    About Shavlik Technologies Shavlik Technologies, LLC delivers enterprise IT organizations robust software solutions that rapidly accelerate and continuously improve security and compliance readiness by simplifying IT operations, and identifying and reliably closing system security gaps.

    With more than 10,000 customers worldwide, Shavlik enables enterprises to simplify complex IT security and compliance management, providing trustworthy solutions that free up critical IT resources to focus on innovations that drive business growth while lowering costs. Shavlik also licenses its technology to more than 20 leading security and technology companies such as BMC, Juniper, Sophos, Symantec and VMware. For more information, visit Shavlik Technologies at www.shavlik.com.

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Newest First  |  Oldest First  |  Threaded View
    How to Better Secure Your Microsoft 365 Environment
    Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
    Attackers Leave Stolen Credentials Searchable on Google
    Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
    Register for Dark Reading Newsletters
    White Papers
    Video
    Cartoon Contest
    Write a Caption, Win an Amazon Gift Card! Click Here
    Latest Comment: This comment is waiting for review by our moderators.
    Current Issue
    2020: The Year in Security
    Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
    Flash Poll
    Assessing Cybersecurity Risk in Today's Enterprises
    Assessing Cybersecurity Risk in Today's Enterprises
    COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2020-4682
    PUBLISHED: 2021-01-28
    IBM MQ 7.5, 8.0, 9.0, 9.1, 9.2 LTS, and 9.2 CD could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization of trusted data. An attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 186509.
    CVE-2020-4888
    PUBLISHED: 2021-01-28
    IBM QRadar SIEM 7.4.0 to 7.4.2 Patch 1 and 7.3.0 to 7.3.3 Patch 7 could allow a remote attacker to execute arbitrary commands on the system, caused by insecure deserialization of user-supplied content by the Java deserialization function. By sending a malicious serialized Java object, an attacker co...
    CVE-2020-13569
    PUBLISHED: 2021-01-28
    A cross-site request forgery vulnerability exists in the GACL functionality of OpenEMR 5.0.2 and development version 6.0.0 (commit babec93f600ff1394f91ccd512bcad85832eb6ce). A specially crafted HTTP request can lead to the execution of arbitrary requests in the context of the victim. An attacker can...
    CVE-2021-20620
    PUBLISHED: 2021-01-28
    Cross-site scripting vulnerability in Aterm WF800HP firmware Ver1.0.9 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors.
    CVE-2021-20621
    PUBLISHED: 2021-01-28
    Cross-site request forgery (CSRF) vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.