When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Patch up - Korgo worm

Neowin · with -1 comments

Korgo is a variant of the sasser worm - it uses the same Windows vulnerability.

"W32.Korgo.F is a minor variant of W32.Korgo.E. It is a worm that attempts to propagate by exploiting the Microsoft Windows LSASS Buffer Overrun Vulnerability (BID 10108) on TCP port 445. It also listens on TCP ports 113, 3067, and other random ports."

However, the worm packs a nasty keylogger which sends your key strokes to the virus author. Clearly, this presents serious security problems, with the potential for credit card info, passwords, and much much more to be exploited. Neowin urges all its readers to apply the Microsoft patch, and update / scan their systems with any anti-virus software. For a free solution, try AVG Anti-virus.

It is important to note that you could easily get this worm without you knowing it; it is delivered simply by being connected to a network or to the Internet without a firewall.

View: Removal Tool from Symantec

View: MS Security Bulletin + Patch

View: More info @ Symantec Security response

Report a problem with article
Next Article

Microsoft Visual FoxPro 9.0 public beta

Previous Article

Microsoft's anti-spam plan 'hijacked by zombies'

Join the conversation!

Login or Sign Up to read and post a comment.

-1 Comments - Add comment