Conficker.Botnet
Description
This indicates detection of network traffic outbound originating from a computer infected with the W32/Conficker worm, also known as W32.Downadup and W32.Conficker.
To spread, this worm exploits the Server Service Vulnerability (CVE-2008-4250), as written in the Microsoft Security Bulletin MS08-067.
Affected Products
Any unprotected Windows system is vulnerable.
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
If required, the signature's action can be set to "Block".
Please use Anti-Virus software to scan and clean the infected computer.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |