Aunty Spam's
Slam a Spammer Blog

Add to My Yahoo! Home RSS Archives

May 3, 2004

New Sasser Virus Worm Attacks Windows Computers

Posted 3 days, 19 hours ago on May 3, 2004 The newest of the sinsister worm types of viruses, Sasser, has attacked Windows-based computers around the world.

Even more insidious than its earlier siblings, Sasser scans the Internet for computers with the Microsoft security flaw which allows it to do its dirty work, and then Sasser installs a copy of itself there. And Sasser does not need the user to activate it by opening an email attachment, running a program, or anything else like that. It arrives and runs all by itself!

Microsoft announced the security hole in the Local Security Authority Subsystem Service, and an update, last month, but many computers still have not been upgraded.

Users can get more information about the Microsoft security hole and fix at:
http://www.microsoft.com/technet/security/CurrentDL.aspx

Just one more reason why Aunty is happy to be using only OSX and other flavours of *nix and BSD.

The trackback url for this post is http://www.aunty-spam.com/bblog/trackback.php/25/

Re: New Sasser Virus Worm Attacks Windows Computers

Posted 3 days, 9 hours ago by Luisa Monserrat • @ • • Reply

What a coincidence: Win XT an Win2000 are beeing used since about 4 years and Sasser appears just 20 days after Micrsoft makes public the security issue... So, seriously, I'm sure Sasser is the by-product of Microsoft and It was developed by a hacker who just "disassembled" the Microsoft patch and discovered the security hole. Thank you, Microsoft, thak you Billy Gates, for a more secure Internet environment.

Trackback URL : http://www.aunty-spam.com/bblog/trackback.php/25/45/

Re: New Sasser Virus Worm Attacks Windows Computers

Posted 2 days, 21 hours ago by Ben Sanders • • • Reply

Actually, the patch stops the attack of Sasser. The people getting hit are the people who did not install the patch. Microsoft released this well before anyone exploited the flaw. The hackers are just taking advantage of laziness.

Trackback URL : http://www.aunty-spam.com/bblog/trackback.php/25/48/

Re: New Sasser Virus Worm Attacks Windows Computers

Posted 3 days, 9 hours ago by Connie Devine • • • Reply

Now, now Luisa, just because you think someone is following you doesn;t mean they aren'y;-) Seriously I got McAfee several years ago and once I iinstalled it I suddenly had a boot sector vrus. Now I could say it was McAfee trying to sell more software, but I guess it just isn't my nature. Connie

Trackback URL : http://www.aunty-spam.com/bblog/trackback.php/25/46/

Re: New Sasser Virus Worm Attacks Windows Computers

Posted 3 days, 4 hours ago by Martin Jones • @wwwReply

Just wondering. The 'fixes' seem to be just for computer servers. Not stand alone home PCs. Since Sasser travels via the net from server to server it seems it could hit a home PC as well. w98se, at least, has a special folder in windows that allows your internet connection to interconnect to other servers. You can actually 'save' a server domain in Windows and have access to it while online. With w98se just goto path C:\servers...you'd be surprised how many 'server's you are hooked up to. Couldn't this new virus download there and from there spread to other servers? I'd love to know just what the filename for sasser is!

Trackback URL : http://www.aunty-spam.com/bblog/trackback.php/25/47/

Re: New Sasser Virus Worm Attacks Windows Computers

Posted 2 days, 19 hours ago by Scott Knowles • • • Reply

Here's the latest word on Sasser and it's removal: http://www.washingtonpost.com/wp-dyn/articles/A62330-2004May3.html (NOTE: may require registration with the Washington Post)

Trackback URL : http://www.aunty-spam.com/bblog/trackback.php/25/49/

Re: New Sasser Virus Worm Attacks Windows Computers

Posted 2 days, 19 hours ago by Scott Knowles • • • Reply

CORRECTION : here's a better link ... direct to Microsoft (sorry) - http://www.microsoft.com/security/incident/sasser.asp

Trackback URL : http://www.aunty-spam.com/bblog/trackback.php/25/50/

Re: New Sasser Virus Worm Attacks Windows Computers

Posted 2 days, 17 hours ago by Tremaine • • wwwReply

Just a heads up, there is now a public proof of concept and exploit code available for Microsoft Windows Private Communications Transport Protocol. This exploit of Microsoft Windows Private Communications Transport Protocol allows remote parties/worms to execute arbitrary code gaining complete control of the target system. This affects all NT/XP/Server distributions of Windows. Applying the necessary patches will of course prevent this from occurring, and users of these operating systems are encouraged to block access to (or disable) services and only provide local access to trusted users. I predict we'll see this exploit wormed up within 72 hours.

Trackback URL : http://www.aunty-spam.com/bblog/trackback.php/25/51/

Re: New Sasser Virus Worm Attacks Windows Computers

Posted 2 days, 14 hours ago by Jeff Baker • • • Reply

Thank you Copper.net and PC cillin for keepin' all these wolves from the door of my XP system. If I don't know from whence it comes, it goes straight into my shredder and is rendered into a harmless cyberfart.

Trackback URL : http://www.aunty-spam.com/bblog/trackback.php/25/52/

Patched 'em all

Posted 2 days, 13 hours ago by Revenant • • • Reply

Two weeks ago I ran a complete check of all the work machines for the new patches, and the only machines reported as vulnerable were those that hadn't been rebooted that week. :) We run SUS (software update services), basically Automatic Updates for large networks, but the principle is the same with the standard Automatic Updates: you should set them up so that you are always AT LEAST NOTIFIED of new updates. That way, you have no excuse if you get bitten through a hole that you could have plugged.

Trackback URL : http://www.aunty-spam.com/bblog/trackback.php/25/53/

Re: New Sasser Virus Worm Attacks Windows Computers

Posted 2 days, 9 hours ago by Anonymous • • • Reply

Trackback URL : http://www.aunty-spam.com/bblog/trackback.php/25/54/

Add Comment

( to reply to a comment, click the reply link next to the comment )

 
Comment Title
 
Your Name:
 
Email Address:
Make Public?
 
Website:
Make Public?
 
Comment:
 
 
 

Recently

Should Aunty Spam Include...
Update on Richter versus World
419ing the 419er: In Which...
Curiouser and curiouser -...
Microsoft and Ironport's...

Aunty Spam Provided By ISIPP

CAN-SPAM Teleseminar 5/6/04
CAN-SPAM Teleseminar 5/13/04
Spam & the Law Conference 7/29/04
CAN-SPAM Compliance Pack

Other Blogs & Sites

Fun Anti-Spam Novelty Products
The Spam Blog
Spam Primer
DadsRights.org




Slam a Spammer
Store!
Powered by bBlog