A worm that usually spreads by exploiting a critical flaw in the Windows operating system, and via removable devices and network shares, is set to become an epidemic, a security expert claimed on Thursday.
Known by many names, such as Conficker, Kido, and Downadup, the worm at first exploited MS08-067, a vulnerability that was dubbed critical for Windows 2000, Windows XP, and Windows Server 2003.
Although Microsoft already patched the vulnerability through an “out-of-cycle” fix in October last year, Qualys Inc. has reported that as many as 30 percent of Windows systems have yet to be patched against it.
With around one third of Windows systems still to be patched, the chance of an epidemic remains.
Qualys’ chief technology officer, Wolfgang Kandek, said in a statement, “The unpatched numbers went down significantly around the 30-day mark, when less than 50% were unpatched. After that, it went down a little slower. As of yesterday, 30% of the machines are unpatched.”
Incidentally, the Downadup worm has surged notably this week and has reportedly infected as many as 3.5 million PCs so far, according to reports from Finnish security firm F-Secure Corp.
Microsoft released a patch, yet almost 3 out of every 10 Windows PCs haven't applied it. So where does the responsibility lie, and how can this be resolved? Unfortunately, it is up to the sysadmins to implement OS patching strategies, and hopefully Windows 7 will make the process easier rather than worse.