Conficker virus could be deadly threat – or April Fool's joke
Virus that has infected 10m computers leaves experts baffled.It could be the biggest April Fool's joke ever played on the internet, or it could be one of the worst days ever for computers connected to the network. Security experts can't work out whether the Conficker virus – which has infected more than 10m Windows PCs worldwide – will wreak havoc on Wednesday , or just let the day pass quietly.
...Rundll loads and runs 16-bit DLLs, whereas Rundll32 loads and runs 32-bit DLLs. If you pass the wrong type of DLL to Rundll or Rundll32, it may fail to run without indicating any error messages.
...Mimivirus is one of the largest and most complex viruses known. The virus was first isolated in 1992 from amoebae growing in a water tower in Bradford. La Scola, B. et al. (2003) A giant virus in amoebae. Science 299: 2033.
...TechForensics writes
"A few days' testing of Windows 7 has already disclosed some draconian DRM, some of it unrelated to media files. A legitimate copy of Photoshop CS4 stopped functioning after we clobbered a nagging registration screen by replacing a DLL with a hacked version. With regard to media files, the days of capturing an audio program on your PC seem to be over (if the program originated on that PC). The inputs of your sound card are severely degraded in software if the card is also playing an audio program (tested here with Grooveshark). This may be the tip of the iceberg. Being in bed with the RIAA is bad enough, but locking your own files away from you is a tactic so outrageous it may kill the OS for many persons. Many users will not want to experiment with a second sound card or computer just to record from online sources, or boot up under a Linux that supports ntfs-3g just to control their files."
...F-Secure Malware Information Pages: Worm:W32/Downadup.AL
Name : Worm:W32/Downadup.AL
Detection Names : Net-Worm.Win32.Kido
Worm:W32/Downadup.AL
Aliases : Worm:Win32/Conficker (Microsoft)
...
W32/Conficker.worm
Type Virus SubType Worm Discovery Date 11/24/2008 Length 58,368 bytes Minimum DAT 5444 (11/24/2008) Updated DAT 5493 (01/12/2009) Minimum Engine 5.2.00 Description Added 11/24/2008 Description Modified 01/06/2009 5:53 AM (PT)
...
December 9, 2008 (Computerworld) Microsoft Corp. today patched 28 vulnerabilities, nearly all of them marked "critical," in the biggest batch of fixes it has issued since it switched to a regular monthly update schedule more than five years ago.
...You can lock your Windows PC quickly by creating a shortcut to the lock command. Right-click a blank spot on your desktop and from the resulting pop-up menu, click Start by right-clicking an empty space on the desktop and then selecting New shortcut. In the space below Type the location of the item, type in rundll32.exe user32.dll, LockWorkStation (remember to watch your spacing and case). Finally, create a clever name for the icon besides the default "rundll32"to lock your computer with ease.
...Risks
