Worm targets old Symantec hole

Long-patched vulnerability attacked by new Spybot.

A version of the Spybot worm has been spotted attempting to use a vulnerability in Symantec Client Security and Symantec Antivirus, despite the flaw being discovered and patched six months ago.

Advertise on www.virusbtn.com

The worm, dubbed W32.Spybot.ACYR by Symantec researchers, also tries to exploit several well-known Microsoft vulnerabilities, and is currently mainly active in the .edu domain. Symantec users who have updated since the patch was released, in late May, should be safe from this vector but should also ensure all Microsoft Windows patches are up to date.

A Symantec blog entry on the worm is here, while more detailed analysis of the threat is here.

29 November 2006

Tags: virus   del.icio.us  digg this! digg this

Poll

Have you ever been conned by a phishing email?
I have never seen/recognised a phishing email
I always ignore or delete phishing emails
I have responded but realised in time to prevent any damage
I have lost money/accounts have been compromised

Leave a comment
View 12 comments
Jobs Recruit Sidebar

Malware Prevalence

NetSky |#################|
Agent |##############|
Zbot |#########|
Bifrose/Pakes |########|
Mytob |#######|
 View this month's full report
Virus Bulletin currently has 137,607 registered users.