# Virus alert



## Taimishu (May 3, 2004)

I received this Email from my antivirus software company todat.

David
As of May 2, 2004 10:07 PM (PST), TrendLabs has declared a High Risk Virus alert to control the spread of WORM_SASSER.B. Several infection reports have been received indicating that this worm is spreading in the Latin American region.

This variant of WORM_SASSER.A similarly exploits the Windows "Local Security Authority Subsystem Service" (LSASS) vulnerability, which is a buffer overrun that allows remote code execution and enables an attacker to gain full control of the affected system. 

. http://www.trendmicro.com/vinfo/vir...CROSOFT_WINDOWS
. http://www.microsoft.com/technet/se...n/ms04-011.mspx

To propagate, this worm scans random IP addresses for vulnerable systems. When a vulnerable system is found, the malware sends a specially crafted packet to produce a buffer overrun on LSASS.EXE, which causes the program to crash and eventually require Windows to reboot.


----------



## MisterMike (May 4, 2004)

That thing sucks. I run a dual boot of Win XP and Linux and of course the XP side got it.  :boing2:


----------



## Shodan (May 4, 2004)

Yep!!  My husband got it on his computer as well.......had to download something to get rid of it..........arghhhh!!

  :asian:  :karate:


----------

