Mynex Contact Us  
Message Center | PC Repair | USA Auctiondrop | USA Overstock Direct | Mynex Portal
:: Site Map

Let Mynex remove viruses and spam from your e-mail before you download it!
No software required! All filtering is performed before it reaches your account at Mynex.
"It's good to have more than one wall of defense."

Click Here for pricing & information

The latest news on the Sasser internet worm outbreak

Last updated: 4 May 2004

 

Sasser Removal Tool - Click Here

 

Sophos technical support has warned users of the W32/Sasser-A and W32/Sasser-B worms, which are spreading across the internet, and is providing information to businesses on how best to protect themselves.

 

The Sasser worms, which do not travel via email, exploits the LSASS (Local Security Authority Subsystem Service) vulnerability first reported by Microsoft on April 13, described in Microsoft Security Bulletin MS04-011, to infect computers connected to the internet.

 

"The Sasser worm spreads in a similar way to last year's serious Blaster outbreak - it travels via the internet exploiting security holes in Microsoft's software and doesn't rely on email," said Graham Cluley, senior technology consultant for Sophos.

 

"Home users are particularly vulnerable to attacks like this, because they are often not running the latest anti-virus protection, haven't downloaded the latest security patches from Microsoft, and may not be running a personal firewall".

 

"Companies should deploy the patch from Microsoft, ensure their firewall is set up correctly and update the anti-virus on their desktop and servers."

 

Home users are advised to visit windowsupdate.microsoft.com.

 

The security vulnerability, which Microsoft has described as "critical", is said to affect the following Microsoft software:

    Microsoft Windows NT Workstation 4.0 Service Pack 6a
    Microsoft Windows NT Server 4.0 Service Pack 6a
    Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
    Microsoft Windows 2000 Service Pack 2
    Microsoft Windows 2000 Service Pack 3
    Microsoft Windows 2000 Service Pack 4
    Microsoft Windows XP
    Microsoft Windows XP Service Pack 1
    Microsoft Windows XP 64-Bit Edition Service Pack 1
    Microsoft Windows XP 64-Bit Edition Version 2003
    Microsoft Windows Server 2003
    Microsoft Windows Server 2003 64-Bit Edition
    Microsoft NetMeeting
    Microsoft Windows 98
    Microsoft Windows 98 Second Edition (SE)
    Microsoft Windows Millennium Edition (ME)

However, the Sasser worm is only capable of successfully infecting Windows XP and Windows 2000 systems.

Sasser worm disinfection tool

 

You can remove the W32/Sasser worms automatically from infected computers with Resolve:

The tool detects and disinfects Sasser infections.

Sophos reminds users to update their anti-virus protection and to ensure that they have installed the patch described in Microsoft Security Bulletin MS04-011.

 

Excerpts of this article are Copyright 2004 Sophos LLC