Attackers are probing for Windows servers running Trend Micro Inc.‘s ServerProtect antivirus software, researchers warned.
Early today, Symantec Corp.‘s
DeepSight threat network monitored a major spike in traffic over TCP
port 5168, which is related to the remote procedure call service in
ServerProtect. “This may indicate an ongoing mass-scanning and
exploitation attempt trying to exploit vulnerable systems for the newly
disclosed vulnerabilities,” said Symantec analyst Pukhraj Singh in an
alert issued to corporate customers.
Continues at computerworld.com