QualysGuard now remotely detects Conficker

IT security provider Qualys announced yesterday that it has added remote detection of the Conficker Worm to its QualysGuard security audit service.

The upgrade enables QualysGuard users to detect multiple variants of the Conficker Worm and to control its spread within enterprise networks.

Wolfgang Kandek, Qualys CTO, said: “This security breakthrough will help many organizations tame Conficker and stop it from spreading within their networks.

“The new detection method allows IT administrators to remotely detect the Conficker virus directly on the infected machines without needing credentials or an agent installed.

“For many large enterprises, this represents an opportunity to perform a quick and non-intrusive audit of their patching efforts.”

Conficker has been spreading in corporate networks since November 2008, hacking weak passwords and infecting USB sticks to access the networks.

It spreads by exploiting the Microsoft Windows Server Service RPC Handling Remote Code Execution Vulnerability.

Once a machine is infected, Conficker blocks all access to security related websites, stopping security software from updating.

Story link: QualysGuard now remotely detects Conficker