« July 2004 | Main | April 2004 »

Sunday, May 02, 2004

Sasser Worm

On April 30th, a new worm, Sasser, was released into the wild. This exploits a buffer overflow vulnerability in LSASS and works by scanning the internet for vulnerable PCs and infecting them directly. You don't have to open an email or visit a web site to get infected. Microsoft released a critical update to patch this vulnerability on April 23th, which can be got from Security Bulletin MS04-011 or Windows Update.

After applying the patch, reboot and disinfect your PC with McAfee's Stinger.

The Internet Storm Centre says this about Sasser.

Earlier in this weblog I gave details about patching to prevent the MS-Blaster Worm infecting your PC. There's an updated RPC patch available at MS04-012 (or from Windows Update).

The time to patch is now, not tomorrow, or next week, so get patching.

Microsoft releases its security updates on the second Tuesday of the month, in the early evening GMT. So the second Wednesday of the month is a good time to do your patching.
Posted by Phil at 9:32 PM
Edited on: Saturday, April 23, 2005 10:21 AM
Categories: Computer Security