Long-patched vulnerability attacked by new Spybot.
A version of the Spybot worm has been spotted attempting to use a vulnerability in
Symantec Client Security
and
Symantec Antivirus
, despite the flaw being discovered and patched six months ago.
The worm, dubbed W32.Spybot.ACYR by
Symantec
researchers, also tries to exploit several well-known
Microsoft
vulnerabilities, and is currently mainly active in the .edu domain.
Symantec
users who have updated since the patch was released, in late May, should be safe from this vector but should also ensure all
Microsoft Windows
patches are up to date.
A
Symantec
blog entry on the worm is
here
, while more detailed analysis of the threat is
here
.
Posted on 29 November 2006 by
Virus Bulletin
Leave a Reply