Common Tasks

Recent Posts

Community

Email Notifications

Personal Links

Archives

Security Protection - Harry Waldron (CS)

Security Best Practices, Breaking News, & Updates

MS04-011 Korgo.Z: Exploits Windows PCT instead of LSASS

  This new variant represents a new avenue of attack for unpatched Windows systems.

MS04-011 Korgo.Z: Exploits Windows PCT instead of LSASS
http://securityresponse.symantec.com/avcenter/venc/data/w32.korgoz.html

W32.Korgo.Z is a worm that attempts to propagate by exploiting the Microsoft Windows PCT Buffer Overrun Vulnerability (described in Microsoft Security Bulletin MS04-011) on TCP port 113. Previous Korgo variants used a different vulnerability, the LSASS Buffer Overrun Vulnerability.

Microsoft Security Bulletin MS04-011
http://www.microsoft.com/technet/security/Bulletin/MS04-011.mspx