Symantec upgrades Korgo worm warning

Unpatched Windows systems are vulnerable to yet another worm, and its spread is increasing

Antivirus company Symantec has upgraded the threat warning on the W32.Korgo.F worm affecting Microsoft applications, following an increase in submissions over the last 12 hours.

The security response team at Symantec said it had increased the threat level warning on W32.Korgo.F worm from a category two to a category three. However, according to Symantec the threat is still categorised as "well-contained".

Symantec announced the presence of the W32.Korgo.F worm in April of this year, which they say attempts to circulate itself using a Microsoft Windows vulnerability.

According to Symantec, computers using unpatched Windows 2000 and Windows XP operating systems are susceptible to the worm's attack, which opens a back door to the Microsoft system through TCP ports 113 and 3067.

The senior director of Symantec Security Response, Alfred Huger, said the worm is another example of why users need to be diligent in using security patches.

"This backdoor functionality could result in a loss of confidential data and may also compromise security settings," said Huger.

The Symantec Security Response team advises computer uses to apply the Microsoft LSASS Buffer Overrun Vulnerability patch as soon as possible.

ZDNet Australia's staff reported from Sydney. For more coverage from ZDNet Australia, click here.