Good Evening, CCIP issued an alert on 8/01/2009 about the Conficker worm which attempts to exploit a previously patched stack buffer overflow vulnerability in Microsoft Windows Server Service (MS08-067). CCIP is issuing this update notice to warn organisations of this activity and to prevent further compromises from occurring. The latest variants of the Conficker worm include updates to its ability to communicate to itself and these changes are scheduled to activate on 1 April 2009, it is unknown what will happen on 1 April 2009. CCIP has been working with organisations nationally and with the international Conficker Working Group on this situation and would appreciate being informed of any outbreaks of Conficker or incidents relating to Conficker via incidents(a)ccip.govt.nz as this will assist in CCIP¹s ability to determine the impact of Conficker on New Zealand's networks and to coordinate any responses or flows of information. Further information about Conficker, including how to detect and remove it can be found on the Conficker Working Group website: http://www.confickerworkinggroup.org/wiki/pmwiki.php?n=ANY.GeneralAssistance Further infromation about MS08-067 can be found on Microsofts website: http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx Regards, Paul. -- Paul McKitrick Head of Stakeholder Engagement Centre for Critical Infrastructure Protection D: (+64) 4 498 7645 P: (+64) 4 498 7654 F: (+64) 4 498 7655 E: paul.mckitrick(a)ccip.govt.nz W: www.ccip.govt.nz --- This e-mail contains official New Zealand Government information, which is intended for the use of addressees only. If you have received this e-mail in error, please notify the sender immediately and delete. You should not further disseminate, distribute or copy this e-mail in any way. ---