Tuesday, April 26, 2011

MSRT Update Includes Additional Coreflood (Afcore) Variants

Earlier this month, the FBI and the Justice Department disabled the Coreflood botnet.  The botnet was reportedly comprised of more than two million computers infected with malicious code.

The April 11 release of the Malicious Software Removal Tool  (MSRT) added Win32/Afcore (Coreflood) malware detection to support the take-down operation.  This addition was at the request of the FBI and the Department of Justice.

Although the regular schedule for releasing updates to the MSRT accompanies the monthly security updates, as explained in my article, Understanding Microsoft Anti-Malware Software, additional updates are added as needed to respond to security incidents. 

In continuing support for the take-down activities of the the Coreflood botnet, Microsoft released a second edition of MSRT.  In an MMPC Blog post, Jeff Williams, Principal Group Program Manager, MMPC explained that the updated version includes variants of Afcore released by the criminals behind it at approximately the same time as the previous edition of MSRT.

The updated MSRT also includes additional malware families, already included in the definitions for Microsoft Security Essentials and Forefront.  

The MSRT works on Windows 7, Windows Vista, Windows XP, Windows Server 2003, or Windows Server 2008 and is available from Microsoft Update, Windows Update and the Microsoft Download Center.

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

No comments: