MS04-011 Korgo.Z: Exploits Windows PCT instead of LSASS

Common Tasks

Community

Email Notifications

Personal Links

Security Protection - Harry Waldron (CS)

Security Best Practices, Breaking News, & Updates

This new variant represents a new avenue of attack for unpatched Windows systems.

MS04-011 Korgo.Z: Exploits Windows PCT instead of LSASS
http://securityresponse.symantec.com/avcenter/venc/data/w32.korgoz.html

W32.Korgo.Z is a worm that attempts to propagate by exploiting the Microsoft Windows PCT Buffer Overrun Vulnerability (described in Microsoft Security Bulletin MS04-011) on TCP port 113. Previous Korgo variants used a different vulnerability, the LSASS Buffer Overrun Vulnerability.

Microsoft Security Bulletin MS04-011
http://www.microsoft.com/technet/security/Bulletin/MS04-011.mspx

Posted: Jul 30 2004, 09:35 PM by Harry Waldron | with no comments

Questions? Contact Susan at Susan-at-msmvps.com. Each post's copyright held by the original author. All rights reserved. Blog site is an independent site not sponsored by Microsoft.
Our servers would like to thank www.ownwebnow.com and www.exchangedefender.com. We wouldn't be here without the generosity of Vlad Mazek and his companies.

Powered by Community Server (Commercial Edition), by Telligent Systems

Theme based on the Paperclip Blog Theme included in Community Server.
Enhanced to a Site-Wide Theme by Interscape Technologies.