The malware attempts to log into computer systems as a user or administrator, enabling it to execute commands and move on, according to Arbor Network's Security Engineering and Response Team.
The patch can be downloaded from this Web site.
The vulnerability, which the SANS Institute earlier this month called a "major zero-day bug,"allows hackers to easily gain remote access to computers running Solaris. The problem lies in the way Telnet, a network protocol, uses parameters during the authentication process, said Johannes Ullrich in an earlier interview with InformationWeek. Ullrich is the CTO for the Internet Storm Center, a cooperative cyberthreat monitoring and alert system.
A Sun spokesman says earlier versions of Solaris 10 had Telnet automatically enabled out of the box, but the latest version doesn't. Secure by Default, which is part of the Solaris 10 update that was released last November, disables Telnet by default. For both the latest version of Solaris 10 and the beta version of Solaris 11, users have to specifically turn Telnet on to enable it, according to a statement from a Sun spokesman in an e-mail to InformationWeek.
Sun recommends that customers use Solaris Secure Shell as the protocol of choice.