The notorious Conficker worm, which began infecting Windows systems in 2008 and has not had a new variant in more than two years, continues to dog enterprises more than three years later, according security experts at Microsoft.
For the past two-plus years, Conficker has remained the top malware threat facing businesses, having been detected almost 220 million times worldwide since 2009, according to the software giant. There’s been a 225% increase in quarterly detections since that year, and in the fourth quarter of 2011 alone, the worm was detected on 1.7 million systems.
"Many … in the enterprise are still fighting that worm," Tim Rains, Microsoft’s director of trustworthy computing, said April 25 in a conference call with reporters to introduce the latest Microsoft Security Intelligence Report.
Microsoft releases its Security Intelligence Reports twice a year, drawing on data gathered from the more than 600 million Windows systems in use worldwide, the 280 million Hotmail accounts that scan billions of emails, billions of Web pages scanned by Bing every day and the various security software and tools—including Microsoft Security Essentials and Malicious Software Removal Tool—from the software giant.
"We have a pretty rounded view of the threat landscape," said Rains, who also talked about the report in an online video.
From that and discussions with enterprise customers, he said Microsoft officials have continued to find that Conficker is the biggest malware problem for businesses, despite the lack of variants of the worm and that Microsoft issued a patch to shore up the vulnerability soon after Conficker was detected. Rains said Microsoft officials wanted to know why the worm continued to propagate.