Korgo worm on the move: Symantec

Anti-virus company Symantec has upgraded the threat warning on the W32.Korgo.
Written by ZDNET Editors, Contributor on
Anti-virus company Symantec has upgraded the threat warning on the W32.Korgo.F worm affecting Microsoft applications, following an increase in submissions over the last 12 hours.

The security response team at Symantec said it had increased the threat level warning on W32.Korgo.F worm from a level two to a level three. However, according to Symantec the threat is still categorised as "well-contained".

Symantec announced the presence of the W32.Korgo.F worm in April of this year, which they say attempts to circulate itself using a Microsoft Windows vulnerability.

According to Symantec, computers using un-patched Windows 2000 and Windows XP operating systems are susceptible to the worm's attack, which opens a back door to the Microsoft system through TCP ports 113 and 3067.

Senior director of Symantec Security Response, Alfred Huger, said the worm is another example of why users need to be diligent in using security patches.

"This backdoor functionality could result in a loss of confidential data and may also compromise security settings," said Huger.

The Symantec Security Response team advises computer uses to apply the Microsoft LSASS Buffer Overrun Vulnerability patch as soon as possible.

Editorial standards