Symantec has observed a number of attacks on PCs using the Windows 2000 operating system that haven’t installed a recent Windows Media Service patch.
According to Tech World, the first attacks were made on Monday with just a small number of infections observed, but the security vendor warned that the code used in these attacks was new and gives hackers root access to a PC.
Although a known rootkit exists for this flaw, the current spate of attacks use a new and previously unknown code. Symantec’s security intelligence manager Joshua Talbot noted that: “Somebody’s done some homework on their own and developed their own exploit.”
Known as patch-based exploits, these types of attack identify loopholes that have been closed in a recent patch, and seek to target users who are slow to implement the update. In this case, the hackers have had a extra time to develop malicious code, as the previous patch failed to properly lock down the vulnerability.