Myke (heraldofchaos) wrote in zero_project,
Myke
heraldofchaos
zero_project

SASSER WORM!

http://www.microsoft.com/security/incident/sasser.asp
(the M$ clean)

On May 2, 2004, Symantec Security Response upgraded W32.Sasser.B.Worm to a Category 4 threat. W32.Sasser.B.Worm is a network aware worm that exploits a known Microsoft vulnerability and spreads by scanning randomly chosen IP addresses on Microsoft systems that have not been patched.

(from Symantec)

http://securityresponse.symantec.com/

has hard data on the 4 varents

>W32.Sasser.Worm TYPE 3 THREAT
Type: Worm
Infection Length: 15,872 bytes
Systems Affected: Windows 2000, Windows XP
Systems Not Affected: DOS, Linux, Macintosh, Novell Netware, OS/2, UNIX, Windows 3.x, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003

>W32.Sasser.B.Worm TYPE 4 THREAT
Variants: W32.Sasser.Worm
Type: Worm
Infection Length: 15,872 bytes
Systems Affected: Windows 2000, Windows XP
Systems Not Affected: DOS, Linux, Macintosh, Novell Netware, OS/2, UNIX, Windows 3.x, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003

>W32.Sasser.C.Worm TYPE 2 THREAT
Variants: W32.Sasser.B.Worm
Type: Worm
Infection Length: 15,872 bytes
Systems Affected: Windows 2000, Windows XP
Systems Not Affected: DOS, Linux, Macintosh, Novell Netware, OS/2, UNIX, Windows 3.x, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003

>W32.Sasser.D TYPE 2 THREAT
Type: Worm
Infection Length: 16,384 bytes
Systems Affected: Windows 2000, Windows XP
Systems Not Affected: DOS, Linux, Macintosh, Microsoft IIS, Novell Netware, OS/2, UNIX, Windows 3.x, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003

THIS IS THE REASON WHY ALOT OF OUR SYSTEMS HAVE BEEN ACTING FUNKY!!!

Please run the M$ system check against your system and apply the patch, and use the Symantec tool for removal!
  • Post a new comment

    Error

    default userpic
  • 1 comment