Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Hackers Renew Windows 'MS06-040' Attacks: Page 3 of 3

"There's been a lot of activity exploiting the MS06-040 vulnerability," said Cole. "Randex, Stration, a number of threats. Once an exploit is released, everyone scrambles to include it."

By Symantec's tally, six known bots are leveraging the MS06-040 exploit. That was enough for the Cupertino, Calif. security company to push its ThreatCon security status ranking from "1" to "2" on Thursday.

"It's a cumulative thing," said Cole, acknowledging that no single exploit caused the company to up its alert level. "The increase in infection angles and the activity on port 139 and 445 shows it's a problem across the board."

Both Symantec and the ISC urged users to patch their systems with the fix issued with MS06-040. If patching isn't possible -- or one is simply not available, as is the case for Windows NT users -- users should filter or block TCP ports 139 and 445, the pair advised.