Disturbing as it sounds, experts have just announced that a malicious worm which exploits a critical Windows flaw has infected at least 9 million PCs, and it’s spreading across numerous corporate networks all around the world. The worm is known as Conficker or Downadup and it’s relying upon a variety of attack vectors, which range from brute-force password guessing to hitching rides on USB stick, in order to replicate and spread throughout a network.

What makes this worm so dangerous? Well, the rate of speed at which it replicates, and that makes it quite unreachable. The first variant of the Conficker worm appeared in November 2008 and it exploited a critical Windows vulnerability in the way the Server Service handles RPC requests.
 
In order to respond to the attacks, Microsoft issued an emergency out-of-band patch in October last year repairing the errors. Furthermore, the software and hardware company also warned users in a security advisory that the Server Service vulnerability could be used in the crafting of a wormable exploit.

The second variation of the virus was observed in late December 2008, approximately one month ago. The worm is designed to create an enormous global botnet, a network of computers controlled by a central command center, usually for malicious purposes. In addition, in order to protect itself, the worm attempts to terminate any process that seems to indicate it is an antivirus program or other security software, and blocks access to many antivirus and security vendors’ Web sites.

Experts say the worm could infect PCs for months before it is eradicated by the security community. In order to protect themselves, Windows users must keep a solid desktop antivirus product running and updated on their PCs and immediately apply Microsoft patches repairing any security vulnerabilities.