It’s a good idea to read every word of CNET editor Dong Ngo’s update on Conficker, the computer worm that professional worm-watchers speculate will be triggered on April 1. As that happens to be April Fools’ Day, some readers will not take these Doomsday prophecies seriously. Others have been downloading vermifuge patches like crazy. Sometime between midnight of March 31 and midnight of April 1 we will know. But we don’t know what we will know. It could be nothing, something, or Doomsday called on account of rain. After all, one possibility is that the virus’s designers got spooked and changed the day to, say, April 2. Or Memorial Day. Your guess is as good as Ngo’s.
His blog tells us succinctly everything experts have learned, and links are included to software that may help thwart the demon bug or at least keep it at bay while its mad scientist devisers regroup and restrategize. Here’s Ngo’s summary of the threat confronting us:
Conficker is a very sophisticated worm that took advantage of a security hole mentioned in this Microsoft bulletin. The hole affected all 32-bit and 64-bit Windows operating systems, even those with the latest service packs. The hole allowed the virus to infect the computer without any user interaction via the Internet, local network, or USB thumbdrives. Once infected, it stops the computer’s security services and Windows update service, and disables tools and software designed to remove it. The worm also allows the creator to remotely install other malicious code on the infected computer.
Consequently, the worm is programmed to update itself from domains it randomly generates. By April 1, the number of domains the worm generates and infects to find updates could grow to 50,000 a day. The owner of the virus only needs to use one of these domains to host the update. This makes it virtually impossible for authorities to track the source of the update.
Microsoft has offered $250,000 as a reward for any information leading to an arrest. If you hanker for your reward, start by booking a flight to Beijing, as speculation has focused on China as the country of origin. It’s hard to understand what benefit there is to China, since it already owns our country. But perhaps there is more mischief to be done.
Do you have the Doomsday Worm? BKIS, a Vietnamese security firm that makes antivirus software, offers a simple way to find out. Dong Ngo writes:
First, make sure your computer is connected to the Internet by going to a Web site such as Google or CNET. Then, if your computer can also successfully go to the Web sites of Microsoft and known security companies, such as Symantec, McAfee, TrendMicro, Sophos, Panda, and you can also run Windows Update successfully, then your computer is clear from Conficker.
On the other hand, if the computer fails to do any of those, it’s likely that it has already been affected. In this case, try to follow these instructions to remove it, or use BKIS’ antivirus software that can be downloaded for free. As a last resort, you can also back up your data and install Windows from scratch, then immediately run Windows Update to install the latest security patches.
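The reachability test quoted above can be scripted; the following is an added example, not code from the original post, from CNET, or from BKIS. The hostnames are assumptions (the post names the sites and vendors, not their domains), and the Windows Update step is not covered and still has to be run by hand.

```python
import socket

# Assumed hostnames: the post names the sites and vendors, not their domains.
CONTROL_SITES = ["www.google.com", "www.cnet.com"]
SECURITY_SITES = [
    "www.microsoft.com", "www.symantec.com", "www.mcafee.com",
    "www.trendmicro.com", "www.sophos.com", "www.pandasecurity.com",
]


def can_connect(host, port=443, timeout=5.0):
    """Resolve the host and open a TCP connection; True on success."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # covers DNS failure, refusal and timeout
        return False


def reachability_check(probe=can_connect):
    """Apply the quoted test; returns (verdict, blocked security sites)."""
    # Step 1: confirm the machine is online at all. Without this control,
    # an unplugged cable would look the same as an infection.
    if not any(probe(host) for host in CONTROL_SITES):
        return "no-internet", []
    # Step 2: the worm blocks access to Microsoft and security vendors,
    # so any failure here while the control sites work is the warning sign.
    blocked = [host for host in SECURITY_SITES if not probe(host)]
    if blocked:
        return "likely-infected", blocked
    # Step 3 (not automated): Windows Update must also run successfully
    # before the machine counts as clear.
    return "sites-reachable", []


if __name__ == "__main__":
    verdict, blocked = reachability_check()
    print(verdict, ", ".join(blocked))
```

A single unreachable vendor site can also be an ordinary outage, so a "likely-infected" result is a reason to run a removal tool, not proof on its own.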
Hasta mañana. Or should I say, Hasta la vista, baby? If I don’t post a blog tomorrow, you’ll find me in my office, rocking back and forth, sucking my thumb, gazing numbly at the blue screen of death.
RC


























I recently came across your blog and have been reading along. I thought I would leave my first comment. I don’t know what to say except that I have enjoyed reading. Nice blog. I will keep visiting this blog very often.
Kaylee
http://www.craigslistsimplified.info
Thanks, Kaylee, and welcome!
RC