Zombie tool makes use of Windows, antivirus flaws

Filed under: — By Aviran Mordo @ 7:49 am

An updated variant of a malicious bot program is spreading via a flaw in Symantec’s antivirus software as well as through several holes in Microsoft code.

The program, called “Spybot.ACYR” by Symantec and “Sdbot.worm!811a7027″ by McAfee, appears to be targeting educational institutions, according to a blog item posted by Symantec Tuesday. “We are seeing a spike in traffic on port 2967 with activity only in the .edu domain,” the security company said. “The impact of the attack is minimal thus far.”

This Spybot variant attempts to break into computers through a six-month-old vulnerability in Symantec Client Security and Symantec AntiVirus. A fix has been available since May 25. “Customers who have applied the patch in their environment are unaffected by the worm,” Symantec said.

Source: News.com


Leave a Reply

You must have Javascript enabled in order to submit comments.

All fields are optional (except comment).
Some comments may be held for moderation (depends on spam filter) and not show up immediately.
Links will automatically get rel="nofollow" attribute to deter spammers.

Powered by WordPress