Cleaning Conficker: Keeping Your Network Safe from Windows Worm

From EWEEK
Much has been written about the Conficker worm, also called "Downadup," in recent days. eWEEK has pulled together some general advice for protecting your systems from infection and remediating them should the worm slither by your defenses.

With infections from the Conficker worm still spreading, the good news is that there are ways to guard against it and clean your machine if you are infected.

The saga that is the Conficker worm began in earnest in November, when Microsoft reported a variant of the worm targeted a flaw in the Windows Server service the company patched in October. Since then, the worm has gone on to infect millions of machines.

The most prolific variant, identified by Microsoft as Win32/Conficker.B, spreads not only through the Windows flaw but also via network shares by logging into machines that use weak passwords. It also spreads by copying itself to removable media, an attack vector that has gained steam in the past year.

So what should users do to protect themselves? There are some answers. First is the obvious – apply the Microsoft patch and ensure your antivirus protection is up-to-date. There are also a number of workarounds for those who for whatever reason are not able to deploy the patch. For example, users can disable the Server and Computer Browsing services and block TCP ports 139 and 445 at the firewall.
Continue reading here....