Last Updated: 2006-11-27 19:17:54 UTC
by Joel Esler (Version: 3)
We've received reports from .edu (Thanks!) of a massive new outbreak of bots exploiting the Symantec Client Security and Antivirus escalation of privilege vulnerability. ("new" implying the outbreak, not the vulnerability :)
More details on the vulnerability here.
We have not seen the botnet here at the ISC, but if you are having experience with it, please write in via our "Contact Us" Button, and let us know!
Port traffic on the Symantec Client port (2967) has drastically increased in the past few days.