New Bot Exploits Months-Old Symantec Bug - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Software // Enterprise Applications
News
11/28/2006
01:09 PM
50%
50%

New Bot Exploits Months-Old Symantec Bug

The bot, dubbed Spybot.acyr, includes exploits for seven different vulnerabilities, including five already patched flaws in Microsoft Windows and one within Symantec's enterprise antivirus products.

Symantec on Tuesday warned of a new bot exploiting multiple months-old bugs, including one in its own antivirus scanning engine, and said that it's collected evidence of an attack in progress.

The bot, dubbed Spybot.acyr, includes exploits for seven different vulnerabilities, including five already patched flaws in Microsoft Windows and one within Symantec's enterprise antivirus products. The Symantec bug was reported and patched in May.

Of the five Microsoft vulnerabilities leveraged by Spybot.acyr, the oldest harks to 2003, while the most recent was disclosed in August 2006. All have been patched.

"At the present time, we are seeing a spike in traffic on Port 2967 with activity only in the .edu domain," Symantec warned on its security research team's blog Tuesday. "[But] based on [our] intelligence, the impact of the attack is minimal thus far."

SANS Institute's Internet Storm Center also has tracked an increase in traffic on the same port, which is used by Symantec's AntiVirus Corporate Edition, and a back door for an exploit against unpatched systems.

Symantec recommended that users of its corporate antivirus software block port 2967 if they couldn't immediately patch the vulnerability.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Commentary
Enterprise Guide to Edge Computing
Cathleen Gagne, Managing Editor, InformationWeek,  10/15/2019
News
Rethinking IT: Tech Investments that Drive Business Growth
Jessica Davis, Senior Editor, Enterprise Apps,  10/3/2019
Slideshows
IT Careers: 12 Job Skills in Demand for 2020
Cynthia Harvey, Freelance Journalist, InformationWeek,  10/1/2019
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Getting Started With Emerging Technologies
Looking to help your enterprise IT team ease the stress of putting new/emerging technologies such as AI, machine learning and IoT to work for their organizations? There are a few ways to get off on the right foot. In this report we share some expert advice on how to approach some of these seemingly daunting tech challenges.
Slideshows
Flash Poll