Microsoft: Conficker Worm Still a Major Threat

Dennis Faas's picture

Weak security passwords and overlooked security updates have kept Conficker, a malware 'worm' first reported in 2008, alive and well. According to Microsoft, Conficker has not only survived, it is steadily infecting more corporate networks all the time.

The Conficker worm was first detected in November, 2008. It targeted networks and tried to penetrate them by guessing at their login passwords. At this, it was surprisingly successful.

The main reason for its success was that so many business users employ extremely weak passwords, including '12345', the word 'Password' and the default password for many networks: 'admin123'.

Conficker Shuts Down Vital Network Functions

Once it made its way onto any computer within a network, Conficker quickly spread to all the other computers legitimately connected to it. While its effects varied, generally speaking it was best known for barring further access to certain important network functions. (Source:

Today, experts estimate that Conficker has appeared about 220 million times. And despite the fact that the worm's structure and method of attack hasn't changed in the last two years, it isn't going away.

In a recently released Security Intelligence Report, Microsoft says it has detected a 225 per cent increase in instances of Conficker since 2009.

In the fourth quarter of 2011 alone Microsoft claims to have detected Conficker on approximately 1.7 million computer systems.

Complex Passwords Keep Conficker Away

The Redmond-based software giant says that about 92 per cent of Conficker infections result directly from business users employing weak passwords. Another eight per cent of these infections are tied to IT administrators who fail to update their security software or operating systems often enough to stay ahead of Conficker.

Wolfgang Kandek, chief technology officer for security firm Qualys, points out that both of these issues are entirely avoidable.

"Reading through the report, it is clear that we have the means to block each and every attempt of Conficker to infect other machines," Kandek said in a recent blog post. (Source:

Microsoft is taking a similar point of view. The company is encouraging all business users and IT administrators to ensure they use tough-to-crack security passwords and to change those passwords frequently.

Rate this article: 
No votes yet