Galaxy S23 Ultra: Hands-On Netflix Password-Sharing Crackdown Super Bowl Ads Apple Earnings Google's Answer to ChatGPT 'Knock at the Cabin' Review 'The Last of Us' Episode 4 Foods for Mental Health
Want CNET to notify you of price drops and the latest stories?
No, thank you
Accept

New Sdbot worm uses MS06-040 flaw to spread

New Sdbot worm uses MS06-040 flaw to spread

Various antivirus vendors are reporting that a new worm is taking advantage of the Windows Service Server flaw first announced by Microsoft on August 8 in its Security Bulletin MS06-040. Sdbot (w32.Sdbot.worm!MS06-040) is considered a low threat by most antivirus vendors and is responsible for increased port scanning on port 139. The presence of this new bot, just weeks after the Mocbot worm exploited the same vulnerability, underscores the need for everyone to patch their Windows systems ASAP. In particular, those who are still using Windows 2000 and Windows XP SP1 appear to be most vulnerable to this new attack. Prevention requires blocking ports 139 and 445 at the router/firewall. A few antivirus software companies have updated their signature files to include this bot. For more information, see McAfee, Sophos, and Symantec.