Phone Lines icon GFI Support

Articles in this section

See more

GFI LanGuard Reporting Conficker Worm Detection

Author: Luis Fernandes Updated

Overview

This article guides you on how GFI LanGuard reports the Conficker worm when detected in the system.

 

Information

  • Conficker is a widespread worm targeting the Microsoft Windows operating system. There are several variants of the infection.

  • GFI LanGuard 9 and later, using the latest security updates, can detect machines infected with the Conficker worm. Infected computers show a High-Security Vulnerability indicating the exposure of the Conficker worm.

  • GFI LanGuard also reports machines which do not have Microsoft security update MS08-067 installed. Security update MS08-067 targets a vulnerability used by Conficker to propagate itself. Thus, computers which do not have MS08-067 are at risk of being infected.

  • Apart from detecting and reporting infected machines or machines which are at risk of infection, GFI LanGuard also supports the deployment of MS08-067 on devices which are still missing the security update.

    NOTE: A variant of the Conficker worm imitates the installation of security update MS08-067. GFI LanGuard is still able to perform accurate detection of the missing security update and report that the machine is infected accordingly.