Taimishu
Blue Belt
I received this Email from my antivirus software company todat.
David
As of May 2, 2004 10:07 PM (PST), TrendLabs has declared a High Risk Virus alert to control the spread of WORM_SASSER.B. Several infection reports have been received indicating that this worm is spreading in the Latin American region.
This variant of WORM_SASSER.A similarly exploits the Windows "Local Security Authority Subsystem Service" (LSASS) vulnerability, which is a buffer overrun that allows remote code execution and enables an attacker to gain full control of the affected system.
. http://www.trendmicro.com/vinfo/vir...CROSOFT_WINDOWS
. http://www.microsoft.com/technet/se...n/ms04-011.mspx
To propagate, this worm scans random IP addresses for vulnerable systems. When a vulnerable system is found, the malware sends a specially crafted packet to produce a buffer overrun on LSASS.EXE, which causes the program to crash and eventually require Windows to reboot.
David
As of May 2, 2004 10:07 PM (PST), TrendLabs has declared a High Risk Virus alert to control the spread of WORM_SASSER.B. Several infection reports have been received indicating that this worm is spreading in the Latin American region.
This variant of WORM_SASSER.A similarly exploits the Windows "Local Security Authority Subsystem Service" (LSASS) vulnerability, which is a buffer overrun that allows remote code execution and enables an attacker to gain full control of the affected system.
. http://www.trendmicro.com/vinfo/vir...CROSOFT_WINDOWS
. http://www.microsoft.com/technet/se...n/ms04-011.mspx
To propagate, this worm scans random IP addresses for vulnerable systems. When a vulnerable system is found, the malware sends a specially crafted packet to produce a buffer overrun on LSASS.EXE, which causes the program to crash and eventually require Windows to reboot.
