A well-known hole Symantec's corporate anti-virus, this one allowing a worm to propagate through vulnerable PCs, is now being exploited. Security firm EEye Digital Security made an announcement concerning the worm, but the announcement was made over seven months ago. Despite that, the flaw is now being exploited, with reports coming in since yesterday. Symantec is more than aware of the flaw, and in fact made a patch available soon after it was discovered. Despite that, many businesses are still running unpatched software, and as a result have come under attack.
While reports of infection are limited, the new worm is still able to find hosts, despite a fix being available for so long. Given that Symantec recently filed suit against a huge piracy ring, it's quite possible that many of these businesses don't know of the flaw because they are using counterfeit software.