Microsoft has updated the MS05-039 advisory and provides a link to this site for more information about the worm:
It also provides a link to this site for more information regarding Microsoft’s guidance:
This Microsoft Security Advisory is located at this location:
According to US-CERT, Blocking inbound connections to port 445 will provide protection against this worm.
The FTP server that the worm sets up does not run on the standard FTP port, but runs on 33333/TCP.
In addition, US-CERT has received a report that the IP address 126.96.36.199 is being used to further propagate Zotob infections.