Hackers have begun actively scanning for recently announced vulnerabilities in Trend Micro's ServerProtect product.

Security watchers at the Internet Storm Centre (ISC) have noted a huge upsurge of traffic on TCP port 5168, associated with security bugs in ServerProtect (an enterprise software product designed to protect servers and storage attacks).

Flaws in the application create a means for miscreants to load malware onto vulnerable systems. Fortunately, Trend Micro has published software updates designed to plug the security hole.

ServerProtect for Windows version 5.58 Build 1176 is known to be vulnerable, but other versions may also be flawed. Trend advises users to update to Build 1185.

Sys admins are advised to patch up vulnerable systems or run the risk of dealing with compromised machines. "It looks likes machines are getting owned with this vulnerability," ISC warned on Wednesday.

More information on the vulns can be found in advisories from security tools vendor ISS, which discovered the majority of the vulnerabilities, here and here. ®

Related stories

• Trend Micro buys leak prevention firm (25 October 2007)
• False positives run amok in Vista anti-virus tests (3 August 2007)
• The decline of antivirus and the rise of whitelisting (27 June 2007)
• Trend Micro boosts Vista package, extends Hotmail deal (26 June 2007)
• Trend Micro overhauls EMEA channel programme (26 April 2007)
• Trend Micro to kick butt on botnets (26 September 2006)
• Trend Micro archive bug unearthed (25 February 2005)
• Trend Micro squashes buffer overflow bug (12 December 2002)