New worm attacks education sector


New worm attacks education sector

Antony Savvas

Symantec has confirmed the existence of a new worm called W32.Spybot.ACYR, which is attacking the education sector. The worm takes advantage of several Microsoft vulnerabilities and holes in Symantec's own security products.

The worm attempts to exploit a previously addressed vulnerability in the Symantec Client Security and Symantec Antivirus products.

Patches for the Symantec product vulnerability have been available since May this year. As a result, customers who have applied the patch are unaffected by the worm.

Symantec said, "At the present time we are seeing a spike in traffic on Port 2967 with activity only in the .edu domain."

Symantec added, "To mitigate attacks, customers are advised to update their products to the latest available security updates from Symantec. For those who are unable to apply the appropriate Symantec patch, it is recommended that they consider blocking Port 2967 at their firewall."


Comment on this article:

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy