This new IRC based threat attempts to spread using a number of security exploits, including the SYM06-010 vulnerability recently highlighted by several security sources.  Staying up-to-date on all software updates as well AV protection, can prevent the 7 different methods this worm tries to infect vulnerable systems.  

SC Magazine Article
http://www.scmagazine.com/uk/news/article/606932/botnets-exploit-patched-symantec-stack-overflow-flaw/

Symantec Weblog
http://www.symantec.com/enterprise/security_response/weblog/2006/11/spybot_attempts_to_exploit_old.html

W32.Spybot.ACYR Description
http://www.symantec.com/enterprise/security_response/writeup.jsp?docid=2006-112810-5302-99

New Botnet impacts Symantec Client Port 2967 on unpatched PCs
http://msmvps.com/blogs/harrywaldron/archive/2006/11/27/new-botnet-impacts-symantec-client-port-2967-on-unpatched-pcs.aspx

Spread by exploiting the following vulnerabilities:

• The Microsoft Windows DCOM RPC Interface Buffer Overrun Vulnerability (described in Microsoft Security Bulletin MS03-026)
• The Microsoft Windows Message Queuing Remote Buffer Overflow Vulnerability (as described in Microsoft Security Bullettin MS05-017)
• The Microsoft ASN.1 Library Multiple Stack-Based Buffer Overflow vulnerabilities (as described in Microsoft Security Bulletin MS04-007)
• The Microsoft Windows Plug and Play Buffer Overflow Vulnerability (as described in Microsoft Security Bullettin MS05-017)
• The Microsoft Windows Server Service Remote Buffer Overflow Vulnerability (as described in Microsoft Security Bulletin MS06-040)
• Multiple Vendor FTPD realpath Vulnerability (as described in CVE-1999-0368)
• Symantec Client Security and Symantec AnitVirus Elevation of privilege (as described in Symantec Advisory SYM06-010)