Skip to content

CavsPlace by Cavalier Broadband

Narrow screen resolution Wide screen resolution Auto adjust screen size Increase font size Decrease font size Default font size

Got wireless?

If you have a personal router and are connecting it to our network, wait! Please visit the appropriate section for a "how-to" first! Incorrectly configured or connected routers are one of the top reasons your connection gets suspended.

Going somewhere?

When going on break, please take a minute to look over the "best practices" of what to do when leaving on break .

Need help?

It's always a good idea to have this checklist handy. Over 90% of the calls we get from folks who can't access the internet are "self solved" here.
Home
Big Yellow Worm Alert! Protect Yourself! PDF Print E-mail
Written by Wahoo Prime   
Tuesday, 27 February 2007

BIG YELLOW ALERT! 

We've seen a lot of activity in the past day related to a problem with a vulnerability that attacks Symantec AntiVirus software. Yes we know that might seem like an oxymoron, but we didn't make it up either. We broke this two days before it became common knowledge. Read more about it here .

What software is affected? By the way, the worm is called "RINBOT", you can read more about it here . Unpatched Microsoft Windows PC's and user with Symantec Antvirus (versions below) are affected if they have not performed a recent update. 

 
Symantec, Symantec Client Security, Version 3.1.400
Symantec, Symantec Client Security, Version 3.1.394
Symantec, Symantec Client Security, Version 3.0.2.2020
Symantec, Symantec Client Security, Version 3.0.2.2010
Symantec, Symantec Client Security, Version 3.0
Symantec, Symantec Client Security, Version 3.1
Symantec, Symantec AntiVirus, Version Corporate 10.1.400
Symantec, Symantec AntiVirus, Version Corporate 10.1.394
Symantec, Symantec AntiVirus, Version Corporate 10.0.2.2020
Symantec, Symantec AntiVirus, Version Corporate 10.0.2.2010
Symantec, Symantec AntiVirus, Version Corporate 10.0
Symantec, Symantec AntiVirus, Version Corporate 10.1

Some additional information indicates recent trends on this vulnerability appears to be related to an IRC BOT mostly aimed at colleges, but others, too. This link gives a rather good explanation of the exploit http://asert.arbornetworks.com/2006/11/that-new-bot-irc-bot-attacking-symantec-overflow/ Helpful hints: Look in C:\Windows for w32svc.exe. That's a bad thing if you have it. Also, look in services for "Windows Network Firewall", another bad thing.

 It might also be advisable to set your windows firewall to block ports TCP 445/2967/19555 & UDP 62050 in either direction until you are sure your software is properly updated.

Last Updated ( Monday, 05 March 2007 )
 
< Prev   Next >
[ Back ]

RIAA News

RIAA Offers Online Settlements - AT A DISCOUNT! 

Don't be caught downloading intellectual property IMPROPERLY. For those of you who are, the RIAA is now offering online settlements.

If you are going to download music and other files from an unknown user or source, we suggest you read this first

Complaints flooding in from the RIAA!

Colleges and Universities are finding themselves in the hotseat from the RIAA. Read more about it here .

Popular

Newsflash

UVa Targeted by RIAA

As reported by the Daily Progress (full article here ), seven users on the UVa network have been targeted by the RIAA for illegal music download files.

 The University of Virginia tracks which user uses each IP address at any given time (just like we do). As a result, they are able to forward these warnings on to the actual user(s) that downloaded the files.  If the users do not "settle", they may find themselves the targetof a lawsuit.

 We ask that if you have not actually "bought" a song or movie, that you not download it so we don't have to forward these same letters on to you.