On Thursday, December 24, 2009, symantec Security Response noticed Active Exploitation of the Multiple Symantec Products Intel Common Base Agent Remote-Command Execution Vulnerability in-the-Wild. Since then, Exploit Activity over T.C.P. Port 12174 has increased dramatically.
On April 28, 2009, symantec issued a Security Advisory (SYM.09-007) and Updates to address this Flaw. Customers are advised to Block Access to T.C.P. Port 12174 at Network Perimeters and to Install the Updates as soon as possible.
For a Comprehensive List of Affected symantec Products and the Associated Fixes, see:
SYM09-007 Security Advisories Relating to Symantec Products: http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090428_02.
Multiple Symantec Products Intel Common Base Agent Remote-Command Execution Vulnerability: http://www.securityfocus.com/bid/34671.
------------------------------------
Note: If you know anyone using symantec Products, please make them aware of this and ensure they have installed the mentioned Updates.