Customer Uses Kaseya to Prevent Conficker Threat

Is your IT department worried about Conficker? With an estimated infection count of between 9 and 15 million PCs, Conficker is one of the fastest spreading viruses ever recorded. It spreads via several attack vectors, including USB flash drives and network shares that are either unprotected or have weak passwords.  Microsoft is offering a $250,000 USD reward for information leading to the arrest of Conficker’s creator. Come April 1st, each infected PC will receive an entirely new set of malicious instructions. The various possibilities for cyber attacks are staggering. By all accounts, it sounds like something to be worried about, but with Kaseya in our toolbox I know that our managed endpoints are ready.

I can tell at a glance if anyone is missing the critical MS08-067 patch from Microsoft that closes the hole used to spread this virus. If they are, a few clicks deploys the patch to their PC. It is easy to forget that before managed services existed, a worm of this magnitude would have taken several hours of manual patching and verification for each managed network to be protected. This is the value of Kaseya as a management tool.

Looking to the Kaseya forums there are now several clever scripts that will scan a managed PC for the Conficker worm, remove it, and then notify the person in charge of managing that network. This is the value of Kaseya’s community. With hundreds of minds just like ours working on the same problem, the end solution is more polished than ever before. As of this morning every managed endpoint we have has either been scanned for Conficker, or will be scanned the next time the PC is turned on. Community members have posted automated methods of running the Conficker removal tools from BitDefender, Symantec, ESET, F-Tools and Kaspersky. Pick your poison, and sleep soundly knowing that some of the brightest minds in IT management worked together to create a solution to the Conficker problem.

Come what may on April 1, our managed endpoints will not be spreading the problem. Will yours?

This post was written by Alex Robar, Technical Services Manager at GearyTech.  Alex provides oversight in the small business technology management solutions, including VoIP, backup, security, and infrastructure monitoring for client sites.  You can read more about GearyTech on their website at gearytech.com – Thanks Alex.

One Response to “Customer Uses Kaseya to Prevent Conficker Threat”

  1. GreyDuck April 1, 2009 at 8:02 am #

    It bears mentioning that the MS08-067 check can be fooled: Conficker has been known to install its own version of the patch, so the patch check THINKS that everything’s okay. Our approach has been to just run the BitDefender scanner across the entire client base to be on the safe side. So far, so good…

Leave a Reply:

Gravatar Image

-->