W32/Rbot-GPL is a network worm and IRC backdoor for the Windows platform.

W32/Rbot-GPL spreads

- to computers vulnerable to common exploits, including: SRVSVC (MS06-040), RPC
-DCOM (MS04-012), ASN.1 (MS04-007), RealVNC (CVE-2006-2369) and Symantec (SYM06-010)
- to MSSQL servers protected by weak passwords
- to network shares protected by weak passwords


The following patches for the operating system vulnerabilities exploited by the worm can be obtained from the Microsoft website:

MS06-040
MS04-012
MS04-007

More information can be found at this Sophos page.