The Conficker worm, a computer worm built to target Microsoft Windows operating systems, continues to be one of the most prevalent security threats to PCs using Windows, reports a recent Microsoft security brief.
First detected in 2008, the Conficker worm spreads by exploiting flaws in Windows software, as well as infected media, to co-opt machines and link them to another computer, through which the infected PCs can be commanded remotely.
According to Microsoft's most recent Security Intelligence Report, in the first six months of 2009, 5 million computers were infected with Conficker.
Taterf, another kind of worm that spreads through mapped drives (such as USB sticks) and targets online gamers, infected nearly as many computers as Conficker: Microsoft reports that it was removed from computers more than 4.9 million times in the first half of 2009.
Businesses beware: Microsoft notes that the worms seem to pose the greatest threat to enterprises.
What's really interesting is that worms made up four of the top five threats we detected in the enterprise [...] but only one of the top 10 threats in the home [...]
As PC World writes, worms have been a major concern for Microsoft, and the company has attempted to respond quickly to past attacks:
Conficker alarmed Microsoft so much when it appeared that Microsoft issued an emergency patch in October 2008 for the software vulnerability that allowed it to spread rapidly.
The report boasts that the first week it was available, Microsoft Security Essentials was installed over 1.5 million times and detected almost 4 million threats.
Microsoft's efforts may have been appreciated not only by those installing them, but those perpetrating the attacks: the company reportedly received an e-mail from the creators of Zlob, a Trojan horse, announcing that they planned on "closing soon" and complimenting Microsoft on responding quickly to the threats.
The Microsoft report also examined security by region (see map below), finding that different parts of the world faced varying threats. PC World sums up the findings:
Trojan horse programs -- which can download other malicious software -- were the biggest threat in the U.S., U.K., France and Italy. Malicious software aimed at online banking was problematic in Brazil, while worms were a dominant threat in Spain and South Korea, Microsoft said.
Infection rates by country/region, 1H09, expressed in CCM (Computers Cleaned Per Mil)
The figures cited in Microsoft's most recent security brief do not include its new operating system, Windows 7.
Download the full report here.