The Conficker worm has infected millions of Windows computers—and one variant is set to be unleashed on April 1st, 2009. Here’s what you need to know to keep yourself safe.

What is the Conficker Worm?

Microsoft released an update in October to resolve a critical security hole in the Windows “Server” service. Since people aren’t as diligent about patching as they should be, hackers created a new worm that spread like wildfire, leaving systems completely under their control. Security researchers have determined that one variant of the virus is expected to go “live” and start trying to download new payloads on April 1st, 2009, potentially causing your computer to do bad things—but since the worm uses a P2P protocol it’s nearly impossible to identify the source.

How Does It Spread?

The worm originally started spreading using a network attack against the file sharing services in Windows, but since it can automatically update itself, it adapted to spread through the autoplay feature on removable media like USB thumb drives, by adding a new option to open where you see “publisher not specified”. This allows the worm to spread to systems already patched against the original vulnerability, so using anti-virus software is even more important, because once it’s on your computer it can spread further.

Is My Computer Affected?

Most anti-virus software has already been able to detect and remove the Conficker worm for a while now, so you are probably not at risk as long as you keep up with your updates and have real-time scanning enabled.

To actually detect and remove the worm, you can use the freely available Microsoft Windows Malicious Software Removal Tool that can remove a large number of viruses—for a full guide, I’ve also written an article on how to scan and remove malicious viruses.

How Do I Stay Safe?

Staying safe from this, and many other viruses and worms, requires a combination of keeping your computer updated and using anti-virus software. Here’s a couple of quick tips to follow:

• Make sure your system is fully patched using Windows Update, and update MS08-067 has been applied.
• Make sure your anti-virus is fully updated, enabled, and you’ve run a full scan.
• Make sure you are using strong passwords.
• Disable the AutoPlay feature—which Conficker uses to infect systems.
• Make sure your firewall is enabled when you are on untrusted networks.
• Make sure your data is backed up—if you aren’t sure what to use, see our five best Windows backup tools.

Keeping your system and your data safe is extremely important, so make sure to take some time out of your day to keep your system patched, updated, and virus-free. Hit the link for Microsoft’s explanation of the situation, or check out my article on scanning and removing malicious viruses for the walk-through approach. Protect yourself from the Conficker computer worm [Microsoft]