Reveals Microsoft

Nov 2, 2009 15:12 GMT

The volume of worm infections exploded in the first half of 2009, compared with the second half of 2008, according to Microsoft. In volume seven of the Microsoft Security Intelligence Report (SIRv7), the Redmond company indicates that Conficker and Taterf have made worm infections second only to those caused by miscellaneous Trojans. According to the software giant, worms such as Conficker and Taterf are designed to exploit unsecured file shares and to infect removable storage devices as they spread from one machine to another. Microsoft warned that enterprise IT environments were more exposed than home users to the threat presented by worms because of unsecured file shares and removable storage.

“Miscellaneous Trojans remained the most prevalent category in 1H09, for the second straight period. Notably, Worms rose from fifth place in 2H08 to become the second-most prevalent category in 1H09, largely due to significantly increased detections of the worm families Win32/Conficker and Win32/Taterf, the two most prevalent families worldwide in 1H09. The prevalence of Password Stealers & Monitoring Tools also rose, due in part to increases in several password-stealer families aimed at players of online games. Of the remaining categories, Trojan Downloaders & Droppers, Miscellaneous Potentially Unwanted Software, and Adware all had relative declines, with the others remaining relatively stable from 2H08,” Microsoft revealed.

SIRv7 delivers a comprehensive perspective on the evolution of the threat environment between January and June 2009. The report concludes that worm infections in enterprises (firewalled network environments) approximately doubled in H1 2009, compared with H2 2010. Microsoft underlined that Conficker and Taterf had been by far the most detected worm families in the first half of this year.

Here are the definitions of Conficker and Taterf according to Microsoft: “Win32/Conficker: A worm that spreads by exploiting a vulnerability addressed by Security Bulletin MS08-067. Some variants also spread via removable drives and by exploiting weak passwords. It disables several important system services and security products and downloads arbitrary files. Win32/Taterf: A family of worms that spread through mapped drives in order to steal login and account details for popular online games.”

Computers cleaned by threat category, in percentages, 2H05–1H09