Hackers prowl for Trend Micro vuln

Lock up your servers

Hackers have begun actively scanning for recently announced vulnerabilities in Trend Micro's ServerProtect product.

Security watchers at the Internet Storm Centre (ISC) have noted a huge upsurge of traffic on TCP port 5168, associated with security bugs in ServerProtect (an enterprise software product designed to protect servers and storage attacks).

Flaws in the application create a means for miscreants to load malware onto vulnerable systems. Fortunately, Trend Micro has published software updates designed to plug the security hole.

ServerProtect for Windows version 5.58 Build 1176 is known to be vulnerable, but other versions may also be flawed. Trend advises users to update to Build 1185.

Sys admins are advised to patch up vulnerable systems or run the risk of dealing with compromised machines. "It looks likes machines are getting owned with this vulnerability," ISC warned on Wednesday.

More information on the vulns can be found in advisories from security tools vendor ISS, which discovered the majority of the vulnerabilities, here and here. ®

Sponsored: How to determine if cloud backup is right for your servers