Many PCs still not patched against Conficker vulnerability

Endpoint assessment icon
Scott Lewis in our Columbus office has been doing some number crunching, and come up with some disturbing statistics after examining the data produced by Sophos’s free endpoint assessment test.

The Sophos Endpoint Assessment Test is a free tool that scans a computer and assesses whether it is a security risk to your organization. A single scan checks that your Microsoft service pack is the current one for your operating system, your Microsoft patches are all up to date, anti-virus protection is installed, running and current, and that a personal firewall is installed and running.

Scott examined the results for all users who took the test since January 1st 2009 to date, and found that 11% of the users did not have the Microsoft MS08-067 patch installed which can, amongst other things, help protect against the spread of Conficker.

Scott assumed that over time the percentage would drop dramatically due to the huge amount of press and publicity regarding Conficker in the last few months. However, his assumption appears to have been incorrect.

For the month of March 2009, 10% of all users who have used our free Endpoint Assessment Test are missing the essential Microsoft patch. That’s despite all of the newspaper headlines, and despite the fact that the patch has been available since October.

That’s pretty depressing news. Of course, we can’t extrapolate this to mean that 10% of all PCs around the world aren’t running the Microsoft patch, but it certainly tells a sorry story for a notable percentage of those who took our test. It appears that the percentage of computers (I refuse to call them endpoints.. I mean, who ever talks about “booting up their endpoint?”) not patched against the exploit used by Conficker is holding steady.

If you’re in charge of a large number of computers inside your business, then maybe statistics like this will remind you that there’s a strong case for better patch vulnerability assessment/remediation alongside Network Access Control (NAC).

If you haven’t already done so why not take Sophos’s free Endpoint Assessment Test yourself?

And, of course, if you are infected by the Conficker worm now would be a very good time to download a free Conficker removal tool.

More information about Conficker:

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.