3 May 2004
Sasser Worm Strikes
Posted by Zane under: Technology .
Extra! Extra! Read all about it. Get your antivirus updates now. There is a horrible virus lurking out there by the name of W32.Sasser.Worm.
Tech security experts always tell you to never open email attachments without a confirmation from the email sender. That’s because executables sent in the mail as attachments are usually used by viruses and worm to spread to other users. The latest worm to be released, Sasser, is an exception. It doesn’t spread through email.
Sasser spreads by attacking a flaw in Microsoft Windows XP and 2000’s Local Security Authority Subsystem Service (LSASS). Sasser essentially looks for a port vulnerability on a randomly generated IP address. When it finds an opening, it overflows a buffer in LSASS.EXE. Sasser then uses FTP and connects back to the originating computer to download a copy of the worm.
Symantec W32.Sasser.Worm Removal Tool
Leave a Reply
You must be logged in to post a comment.