March 2nd, 2007 by Miray Lozada
Recent variants of RINBOT exploited a vulnerability in Symantec antivirus software. RINBOT emerged in 2006 spawning new variants of RINBOT in mid-February that exploited certain software (including Windows) vulnerabilities. Trend Micro detects the newest Rinbot variants as WORM_RINBOT.F and WORM_RINBOT.E. Both variants exploit an old SQL Server flaw, propagates via network shares, and has backdoor capabilities.
As newer variants emerge, information will be posted in the Trend Micro Virus Encyclopedia. Solutions for cleaning are available in the above links. RINBOT can be blocked by using firewall applications, specifically blocking and restricting outgoing port traffic.
RINBOT does not currently exploit any known vulnerability in any Trend Micro products.
Best Black Friday Deals
CNET editors are busy culling the list and highlighting what we think are the best deals out there this holiday season.