1. /
  2. Security Response/
  3. W32.Downadup.B


Risk Level 2: Low

December 30, 2008
May 14, 2012 2:18:55 PM
Also Known As:
Worm:W32/Downadup.AL [F-Secure], Win32/Conficker.B [Computer Associates], W32/Confick-D [Sophos], WORM_DOWNAD.AD [Trend], Net-Worm.Win32.Kido.ih [Kaspersky], Conficker.D [Panda Software]
Systems Affected:
Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows Server 2008, Windows Vista, Windows XP
CVE References:
W32.Downadup.B is a worm that spreads by exploiting the Microsoft Windows Server Service RPC Handling Remote Code Execution Vulnerability (BID 31874). It also attempts to spread to network shares protected by weak passwords and block access to security-related Web sites.

Note: For more information, please see the following resource:

Antivirus Protection Dates

  • Initial Rapid Release version December 30, 2008 revision 021
  • Latest Rapid Release version December 27, 2011 revision 007
  • Initial Daily Certified version December 30, 2008 revision 024
  • Latest Daily Certified version December 27, 2011 revision 017
  • Initial Weekly Certified release date December 31, 2008
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Writeup By: Sean Kiernan

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report