Technically Speaking

Microsoft released to web (RTW) its Security Essentials product today… and it remains a free download.

The product is geared to replace Windows Live One Care and provides Anti-virus / Anti-Malware protection to the consumer market.  This is great news for consumers and some road warrior IT Pros allowing them to get protection on their laptops without worrying about subscription costs.

Having participated in the beta of the product, I was quite impressed.  It was the only security application I installed on my production Windows 7 laptop and I had no issues with it at all.  It is a thin application with very little needed in the way of maintenance after installation (or at least it was in beta).  The upgrade was smooth this morning and I have seen no issues to this point.

I will be recommending this product based on personal experience and cost in any scenario where it makes sense (too bad I bought a new subscription service recently for my inlaws).

Is it the best out there?  At this time I am not sure… Microsoft’s application works well for me but it is not geared for enterprise environments, although that may come in the future with products like System Center Online Desktop Manager, which is beta right now.

As of now, I would go try out the application and kick the tires… might work well enough to save you a bit of money on security apps.

With April 1st approaching (Wednesday of this week) and an unknown potential payload coming to potentially millions of computers, I felt it a good idea to get a post about conficker out to IT Managers.

Conficker is a worm that is essentially a time bomb, waiting for instructions on its next move, which many think will be April 1 2009. At this time, the creator of the worm could issue some command that could steal information from all of the computers that it is infecting, or they could do nothing.

CNet describes Conficker as follows:

“What is Conficker and how does it work?
Conficker is a worm, also known as Kido or Downadup, that cropped up in November. It exploits a vulnerability in Windows that Microsoft patched in October.

Conficker.B, detected in February, added the ability to spread through network shares and via removable storage devices, like USB drives, through the AutoRun function in Windows.

Conficker.C, which surfaced earlier this month, shuts down security services, blocks computers from connecting to security Web sites, and downloads a Trojan. It also reaches out to other infected computers via peer-to-peer networking and includes a list of 50,000 different domains, of which 500 will be contacted by the infected computer on April 1 to receive updated copies or other malware or instructions. Previous Conficker variants were written to connect to 250 domains a day. ”

Read more about Conficker on CNet

The Microsoft patch suggested for conficker can be downloaded here

The message of this post is not new or complex, but to simply remind everyone that conficker’s payload date is fast approaching and to make sure your organization’s systems are up to date with the latest malware protection.

Sometimes worms are big and problematic, but most outside of IT do not see them until they have a problem, conficker made 60 minutes this week.