MS06-040 Windows Server service vulnerability

No Rise in Attacks Seen

But on Friday Microsoft said that even with these new variants, the total number of computers being attacked was unchanged. "We're not seeing an increase in attacks, just minor variations," said Stephen Toulouse, security program manager with Microsoft's Security Response Center.

Symantec's Oliver Friedrichs agreed that "the overall volume of attack attempts is fairly consistent," but he said that the fact that hackers had continued to pound away at the MS06-040 vulnerability is troubling. "The fact that we are seeing more threats exploiting these vulnerabilities, that in itself is disconcerting," said Friedrichs, a director of emerging technologies in Symantec Security Response.

Symantec has counted six variants of the MS06-040 attacks to date. Symantec rates the two new programs spotted this week, W32.Dasher.G and W32.Spybot.AKNO, as low risks.


U.S. Infrastructure at Risk?

The MS06-040 patch has to do with Windows' Server services, which are used for a variety of networking tasks, such as file sharing and printing. Because the flaw relates to widely used and network-enabled features, security experts have warned that it is a likely candidate for a widespread worm. Shortly after the patch was released, the U.S. Department of Homeland Security took the unusual step of warning users of the flaw, saying it could put the nation's infrastructure at risk.