New Windows Worm on the Loose
Dynamoo writes "The Internet Storm Center has issued a Yellow Alert due to the spread of the Sasser worm exploiting Windows 2000 and XP machines through a documented flaw in the Local Security Authority Subsystem Service (LSASS) as described in Microsoft Bulletin MS04-011. Initial analysis seems to indicate classic Blaster-style worm behaviour. Right now I'm just getting a probe every 10 minutes or so on my firewall, but this is bound to escalate sharply as the pool of infected machines grows. Of course all good Windows-using Slashdotters visit Windows Update regularly and have a firewall, don't you? More information at Computer Associates, F-Secure, Symantec and McAfee."
the luxury of being behind a nat box with all ports off and not having to deal with such nonsense
What is this 'Windows Update' of which you speak?
Liberals call everyone Nazis yet they are the closest thing to it.
A new worm?Oh, there it is.
Trolling is a art,
Atleast for me as the local consumer support guy.
Thanks Microsoft.
A smile crept across my face after reading this story and then noticing a microsoft ad underneath informing the reader that Windows Server cost of ownership is lower than Linux cost of ownership!
The add server must be based on Microsoft's new Irony.NET framework!
No need, I receive all the Windows critical updates by email. I don't know how I got subscribed to that mailing list, but it's damn convenient.
I have a Mac, you insensitive clod...
Where the value of X-Mailer: is the true measure of a man...
In light of this, would someone please explain why I would ever want a Mac? None of the really good viruses or worms are ever ported to it, no matter how successful they are!
I'm impressed that they got the headline right!
The worm seems to install a ftp server on infected machines. So, wouldn't it be nice to have every box that detects a connection on port 554, reply with an upload of a new wallpaper to the infected windows box with some message like "install a firewall, moron"
I consider it a public service. Maybe you can even deduct the bandwith for the upload from you tax.
I REALLY hate working dial-up tech support.
(ring)
sigh....
after reading this on the /. front page, i runned the windows update, that i don't visit for more than a year...
and after some time, a windows pops up with the text:
"The software you are instaling has not passed the Windows Logo testing to verify its compatibility with Windows XP. bla bla bla"
"This software will *not be instaled*. Contact your system administrator."
Ok, so i contact myself, and wonders what the hell?!?
I just give M$ a lot of information about the operating system that i'm running... they wrote the frign thing, and even so, they don't know what will run in it, or what will pass their own crap compatibility verification!
but well, that's it... i just click "OK" --the only button-- and see the same windows appears 3 times more... and blissfuly keep my ignorance of what's going on with the instalation.
Only consumer whores and other types of idiots choose to toss out the computer instead of just wiping the hard drive and installing something else.
How refreshing. A Slashdot article about a worm exploiting Windows, without the usual childish jibes. Or FUD. Or spelling mistakes. Well done, Dynamoo!
Of course, then came the comments... :-)
... if we replaced the posts of this thread with the messages posted after a previous worm-announcement, would anyone notice ? :)
;-)
Linux_Zealot says : 5 Insightful - I am using Linux now !
M$_wizard : 5 Interesting - Worms always appear after a security notice from Microsoft Knowledge Base ; so, openness is bad !
security_Teacher : 5 Insightful - Of course, no one should run anything as root but cricital administration tasks, and a firewall is essential.
n00b : -1 Troll - Windows Sucks !!!
Well... That's just a little... repetitive
After I changed email address, I couldn't figure out where I'd subscribed to that newsletter, either... I'd really like it back...
http://fedora.redhat.com
http://www.gentoo.org
http://www.debian.org
http://www.linux-mandrake.com
http://www.slackware.com
"Ha Ha!"
Nelson, various Simpsons episodes
No electrons were harmed creating this post, though some may have been subjected to electrical and/or magnetic fields.
You say "killing IE" like it's a bad thing.
Using Symantec AV, I LiveUpdate'd signatures, only to find that it decared System32/w32sup.exe as a trojan and quarantined it.