4899/TCP Probes Still on the Increase

MSI continues to see increasing scans for vulnerabilities associated with port 4899/TCP. These scans are attempting to identify a particular product and gain access to the system through a known exploit.

Please verify that you have eliminated all traffic from the public Internet destined for this port. The original vulnerability has been around a while, but increasing blocks of IP addresses in EMEA are propogating the malicious traffic.

This entry was posted in General InfoSec by Brent Huston. Bookmark the permalink.

About Brent Huston

I am the CEO of MicroSolved, Inc. and a security evangelist. I have spent the last 20+ years working to make the Internet safer for everyone on a global scale. I believe the Internet has the capability to contribute to the next great leap for mankind, and I want to help make that happen!

Leave a Reply