Video | Business Headlines | Internet | Science | Scientific Ethics | Technology | Search


Symantec discovers malicious code

Symantec discovers malicious code targeting Microsoft PCT vulnerability

Wed, 28 April 2004

Symantec has discovered malicious code that targets the Microsoft Windows Private Communications Transport Protocol (PCT) vulnerability. This vulnerability is present on unpatched Windows NT, 2000, XP and Windows Server 2003 systems.

The malicious code -- currently called backdoor.mipsiv -- opens ports on the victim's system, implements a denial-of-service attack against a third-party DNS server system and also receives command/control instructions via Internet Relay Chat (IRC) channels.

Symantec has detected attempts at compromising systems on our monitored global sensor network and has raised its ThreatCon Rating to Level 3 as a precautionary measure. Symantec Security Response experts are currently analyzing the heavily encrypted code and will provide more details as they become available. The team is also determining if the code is a worm or a bot. Bot -- short for roBot -- is a program used on the Internet that performs repetitive functions including searching for news or information.

"Symantec is currently analyzing automated sample code that takes advantage of the MS PCT vulnerability," said Vincent Weafer, senior director, Symantec Security Response. "We're seeing an increase in the number of exploits attempts and an increase in reconnaissance attacks through our DeepSight sensors and Managed Security Services devices . We highly encourage our customers to expedite their patching if they haven't already."

The Microsoft PCT vulnerability affects all IIS Web servers running Microsoft IIS with SSL enabled. Windows 2003 server is not vulnerable unless the PCT protocol has been enabled by the administrator. Users should install the patch immediately. If it is not possible, they can disable the PCT protocol in the registry. Additionally, vulnerability assessment and intrusion detection systems can be deployed to detect the presence of the vulnerability and/or the presence of the exploit. For more information about this vulnerability:


© Scoop Media

Business Headlines | Sci-Tech Headlines


ScoopPro: Helping The Education Sector Get More Out Of Scoop

The ScoopPro professional license includes a suite of useful information tools for professional users of Scoop including some specifically for those in the education sector to make your Scoop experience better. More>>

Big Tax Bill Due: Destiny Church Charities Deregistered

The independent Charities Registration Board has decided to remove Destiny International Trust and Te Hahi o Nga Matamua Holdings Limited from the Charities Register on 20 December 2017 because of the charities’ persistent failure to meet their annual return obligations. More>>

57 Million Users' Data: Uber Breach "Utterly Preventatable"

Cybersecurity leader Centrify says the Uber data breach of 57 million customer and driver records - which the ride-hailing company hid for more than a year - was “utterly preventable”. More>>

Scoop 3.0: How You Can Help Scoop’s Evolution

We have big plans for 2018 as we look to expand our public interest journalism coverage, upgrade our publishing infrastructure and offer even more valuable business tools to commercial users of Scoop. More>>

Having A Cow? Dairy Product Prices Slide For Fourth Straight Auction

Dairy product prices fell at the Global Dairy Trade auction, retreating for the fourth straight auction amid signs of increased production... Whole milk powder fell 2.7 percent to US$2,778 a tonne. More>>


Statistics: Butter At Record $5.67/Block; High Vegetable Prices

Rising dairy prices have pushed food prices up 2.7 percent in the year to October 2017, Stats NZ said today. This followed a 3.0 percent increase in the year to September 2017. More>>


Science: New Research Finds Herbicides Cause Antibiotic Resistance

New University of Canterbury research confirms that the active ingredients of the commonly used herbicides, RoundUp, Kamba and 2,4-D (glyphosate, dicamba and 2,4-D, respectively), each alone cause antibiotic resistance at concentrations well below label application rates. More>>