I just recently read this when I was checking Speedguide.net for stuff. And they had this link, SG News :: Nearly 9 Million PCs Hit By 'Downandup' Worm, which talked about the DownandUp Worm. I just wanted to know if CIS stops this thing dead unless you give it access and how is the detection on this? Cause as they say it changes often or by author so that sigs can’t find it. I use CIS firewall and Avira Personal for AV but I have a few peeps that use the full CIS and they asking me if they should worry? Should we?
As far as i know it has 2 forms of spreading
-
over the network targeting tcp port 139 and/or 445 both are for windows shares.
For all networks that you block this traffic “from” you won’t be infected. -
using USB autorun, CIS will not trust any executable on an “external” device so it will alert you if something want’s to execute from it.
Ah I see, yea I use my 2gb usb w/ launchpad on this pc which has CIS and everytime I put it in to update the apps and such in it, CIS will pop up and ask about the usb launchpad, which I treat as an installer/updater and then enter password to login to usb and update the stuff. I think that’s an awesome feature.
I’ll just have to be extra careful for now until they find a solution to that worm, cause if I use this usb on someones pc and they have it, it could spread to the usb and that would be no good.
Correct helping spread viruses is no good 
I’m always extra careful if my USB stick has had an “untrusted” connection.