New Sasser Virus Worm Attacks Windows Computers
0 (0)

The Internet Patrol - Patrolling the Internet for You
Rate this post!
 

The newest of the sinsister worm types of viruses, Sasser, has attacked Windows-based computers around the world.

Even more insidious than its earlier siblings, Sasser scans the Internet for computers with the Microsoft security flaw which allows it to do its dirty work, and then Sasser installs a copy of itself there. And Sasser does not need the user to activate it by opening an email attachment, running a program, or anything else like that. It arrives and runs all by itself!


Sasser has been responsible for impeding and impairing hundreds of thousands of computer systems around the world, including at airports and security points.

Microsoft announced the security hole in the Local Security Authority Subsystem Service (LSASS.EXE), and an update, last month, but many computers still have not been upgraded.

Users can get more information about the Microsoft security hole and fix at:
http://www.microsoft.com/technet/security/CurrentDL.aspx

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Click for amount options
Other Amount:
What info did you find here today?:

 

Just one more reason why Aunty is happy to be using only OSX and other flavours of *nix and BSD.

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Click for amount options
Other Amount:
What info did you find here today?:

Rate this post!
 

9 thoughts on “New Sasser Virus Worm Attacks Windows Computers
0 (0)

  1. Just a heads up, there is now a public proof of concept and exploit code available for Microsoft Windows Private Communications Transport Protocol.

    This exploit of Microsoft Windows Private Communications Transport Protocol allows remote parties/worms to execute arbitrary code gaining complete control of the target system. This affects all NT/XP/Server distributions of Windows.

    Applying the necessary patches will of course prevent this from occurring, and users of these operating systems are encouraged to block access to (or disable) services and only provide local access to trusted users.

    I predict we’ll see this exploit wormed up within 72 hours.

  2. Two weeks ago I ran a complete check of all the work machines for the new patches, and the only machines reported as vulnerable were those that hadn’t been rebooted that week. :)

    We run SUS (software update services), basically Automatic Updates for large networks, but the principle is the same with the standard Automatic Updates: you should set them up so that you are always AT LEAST NOTIFIED of new updates. That way, you have no excuse if you get bitten through a hole that you could have plugged.

  3. Thank you Copper.net and PC cillin for keepin’ all these wolves from the door of my XP system. If I don’t know from whence it comes, it goes straight into my shredder and is rendered into a harmless cyberfart.

  4. Here’s the latest word on Sasser and it’s removal:

    http://www.washingtonpost.com/wp-dyn/articles/A62330-2004May3.html

    (NOTE: may require registration with the Washington Post)

  5. Actually, the patch stops the attack of Sasser. The people getting hit are the people who did not install the patch. Microsoft released this well before anyone exploited the flaw. The hackers are just taking advantage of laziness.

  6. Just wondering. The ‘fixes’ seem to be just for computer servers. Not stand alone home PCs. Since Sasser travels via the net from server to server it seems it could hit a home PC as well. w98se, at least, has a special folder in windows that allows your internet connection to interconnect to other servers. You can actually ‘save’ a server domain in Windows and have access to it while online. With w98se just goto path C:servers…you’d be surprised how many ‘server’s you are hooked up to. Couldn’t this new virus download there and from there spread to other servers? I’d love to know just what the filename for sasser is!

  7. Now, now Luisa, just because you think someone is following you doesn;t mean they aren’y;-)
    Seriously I got McAfee several years ago and once I iinstalled it I suddenly had a boot sector vrus. Now I could say it was McAfee trying to sell more software, but I guess it just isn’t my nature.
    Connie

  8. What a coincidence: Win XT an Win2000 are beeing used since about 4 years and Sasser appears just 20 days after Micrsoft makes public the security issue…
    So, seriously, I’m sure Sasser is the by-product of Microsoft and It was developed by a hacker who just “disassembled” the Microsoft patch and discovered the security hole.
    Thank you, Microsoft, thak you Billy Gates, for a more secure Internet environment.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.