|
|
04 May 2004
Microsoft customers are being urged to update their patches to protect against a family of internet worms that are spreading fast by exploiting a vulnerability in the Windows operating system.
The Sasser worms exploit the Windows 'Local Security Authority Subsystem Service' (LSASS) flaw, which Microsoft recently advised on. Four variants of the worm have been reported since 1 May.
Security software firm McAfee warned systems are especially at danger, as the virus does not spread via email and no user action is required to propagate it further, anti-virus companies have warned. It simply instructs vulnerable systems to download and execute its viral code.
'Computers which are not properly protected with anti-virus updates, firewalls and Microsoft's security patch are asking for trouble,' added Graham Cluley, senior technology consultant at anti-virus firm Sophos in a statement. Sophos said it has received many reports of this worm in the wild.
Panda Software's Luis Corrons also said that Sasser looked a virulent worm. 'All these signs make for a dark forecast for the beginning of the week when it is expected that the number of incidents will soar at the beginning of the work day,' he said in a statement.
The worm scans random IP addresses for vulnerable systems. When a vulnerable system is found, the worm sends a specially crafted packet to produce a buffer overrun on LSASS.EXE, which causes the program to crash, and essentially the infected system to crash, requiring Windows to reboot.
'More infections can lead to increased network traffic and result in severe network slowdowns, like an internal denial-of-service,' said Joe Hartmann, senior virus researcher and analyst for Trend Micro.
The worm affects Windows 95, 98, ME, NT, 2000 and XP platforms. Customers are recommended to apply the necessary vulnerability patches available from Microsoft to address the LSASS vulnerability.
The Microsoft patch can be found at http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx
You may also like
Search thousands of financial jobs:
Search thousands of financial jobs:
Careers
Search for jobs
Click to search our database of all the latest accountancy roles
Create a profile
Click to set up your profile and let the best recruiters find you
Jobs by email
Sign up to receive regular updates with the latest roles suitable for you
Briefings
By looking at the reasons supplier statements became unfashionable, and the reasons why it is different today, this paper delves into the many benefits that can be obtained by automating the process.
Having a real and true view of your organisation’s current financial position, and having the right systems and processes in place, will ensure that you can make strong choices and are ready to capitalise on opportunities
AccountancyAgeInsight is a frequently updated resource centre for finance professionals, offering a free and easy-to-use digital library of briefings, white papers and other information resources. 
Visitor comments Add your comment