It is estimated that as many as 30 percent of all Windows machines were not patched at the time when the worm was released into the wild.
Also known as Downadup and Kido, this worm has turned into a security nightmare for everyone from the home user through to the enterprise. Indeed, it is within the SME space that the most damage is likely to have taken place.
It is the small to medium-sized enterprise where patches all too often tend to be rolled out more slowly, and where automatic updates are not the norm for many reasons. Even large organisations which you might expect to know better apparently did not.
There are reports that NHS hospitals in the UK saw hundreds of computers infected, and we reported here at iTWire on how Conficker had some success in sinking the Royal Navy for a while.
Trouble is, every day Conficker is getting bigger, and pretty much every security expert agrees that it can only be a matter of time before the giant Conficker botnet springs into life to release an as yet unknown (although almost certainly spam and malware related) payload.
So what is being done to stop the Conficker feckers, and can the Conficker Cabal succeed in putting the kibosh on the cyber-criminals before it is too late?
Microsoft has joined forces with a number of security industry giants to form what has become known as the Conficker Cabal. Outfits such as AOL, F-Secure, ICANN and Verisign are devoting their resources to catching the Conficker feckers.
I wish them luck, and I certainly believe that the hard work of security researchers in the lab is the way forward.
Which is why I was surprised to see Microsoft throwing money at the problem. It has a track record of doing this in the past, with a half million dollar reward offered for the arrest of the Blaster and Sobig worm authors in 2003.
Or how about the following year, when it coughed up a quarter million to informers who contacted Microsoft about the Sasser and Netsky worm author, Sven Jaschan?
Now Microsoft has posted a bounty of another quarter million for the head of the Conficker fecker.
Graham Cluley, senior technology consultant at Sophos, is not sure it will be enough. He says "...while a USD 250,000 reward has successfully caught teenage hackers in the past, the bounty may not offer enough temptation to inform on an organised criminal gang making big money out of malware."