Software giant Microsoft believes that Conficker might not have spread if users had followed basic security steps.
Conficker infected 1.7 million systems in the last half of 2011 and according to the latest Microsoft Security Intelligence report it really had little to do with Volish slip-ups.
The report said that Conficker infections stemmed either from weak or stolen passwords or from the exploitation of software vulnerabilities for which updates already existed.
If users were forced to use stronger passwords and had updated their machines the Conficker worm would have been dead on arrival, Microsoft security experts wrote.
Conficker has remained at the top of the enterprise threat list for the past two and a half years.
Tim Rains, Microsoft’s director of trustworthy computing, admitted that the worm often carried key loggers that steal passwords. But most of the passwords that Conficker tries once it is on a machine inside the network include “11, 22, admin, asdfgh, foofoo, and the ever popular Password”.
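A password-policy check that would reject every guess quoted above, written here as an added illustration rather than anything from Microsoft or the report. The rules it applies (a 12-character minimum, at least three character classes, no keyboard walks, no repeated units, and a blocklist seeded with the quoted guesses) are my assumptions about a sensible policy, not something the report specifies.

```python
import re

# The weak passwords quoted in the article; treated here as a blocklist seed.
CONFICKER_SAMPLE = ["11", "22", "admin", "asdfgh", "foofoo", "Password"]
BLOCKLIST = frozenset(p.lower() for p in CONFICKER_SAMPLE)

# Rows of a US keyboard, used to spot sequences such as "asdfgh".
KEYBOARD_ROWS = ["qwertyuiop", "asdfghjkl", "zxcvbnm", "1234567890"]

# Assumed policy thresholds (not from the report).
MIN_LEN = 12
MIN_CLASSES = 3


def keyboard_walk(pw: str, run: int = 4) -> bool:
    """True if pw contains `run` adjacent keys from one keyboard row."""
    low = pw.lower()
    return any(row[i:i + run] in low
               for row in KEYBOARD_ROWS
               for i in range(len(row) - run + 1))


def repeated_unit(pw: str) -> bool:
    """True if pw is one short unit repeated ("11", "foofoo", "abcabc")."""
    n = len(pw)
    return any(n % size == 0 and pw[:size] * (n // size) == pw
               for size in range(1, n // 2 + 1))


def check_password(pw: str):
    """Return (ok, reasons); reasons lists every rule the password failed."""
    reasons = []
    if pw.lower() in BLOCKLIST:
        reasons.append("in known-worm guess list")
    if len(pw) < MIN_LEN:
        reasons.append(f"shorter than {MIN_LEN}")
    classes = sum(bool(re.search(p, pw))
                  for p in (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]"))
    if classes < MIN_CLASSES:
        reasons.append(f"fewer than {MIN_CLASSES} character classes")
    if keyboard_walk(pw):
        reasons.append("keyboard walk")
    if repeated_unit(pw):
        reasons.append("repeated unit")
    return (not reasons, reasons)


if __name__ == "__main__":
    for candidate in CONFICKER_SAMPLE + ["Tr0ub4dor&3-Quartz"]:  # last one constructed
        ok, why = check_password(candidate)
        print(f"{candidate!r}: {'ok' if ok else 'rejected: ' + ', '.join(why)}")
```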
Rains said that corporates need to adopt a more holistic approach to risk management, one that includes not only prevention but also effective detection.
Some of the problems will go away when more companies move to clouds and aggregate network security and traffic data and watch it for anomalous behaviour.