Slashdot Mirror


New Windows Worm on the Loose

Dynamoo writes "The Internet Storm Center has issued a Yellow Alert due to the spread of the Sasser worm exploiting Windows 2000 and XP machines through a documented flaw in the Local Security Authority Subsystem Service (LSASS) as described in Microsoft Bulletin MS04-011. Initial analysis seems to indicate classic Blaster-style worm behaviour. Right now I'm just getting a probe every 10 minutes or so on my firewall, but this is bound to escalate sharply as the pool of infected machines grows. Of course all good Windows-using Slashdotters visit Windows Update regularly and have a firewall, don't you? More information at Computer Associates, F-Secure, Symantec and McAfee."

4 of 622 comments (clear)

  1. Security Update Dates by TheUnFounded · · Score: 5, Insightful

    You know, normally these updates are available a good 3 or 4 months before the worm becomes available. This one was updated about 3 days ago. And MS claims to be beefing up their security efforts. ...

  2. Re:ah... by Anonymous Coward · · Score: 5, Insightful
    the luxury of being behind a nat box with all ports off and not having to deal with such nonsense

    Yeah... till your buddy comes over to play Counterstrike and plugs into your hub infecting your machine.

  3. Re:I Use X Windows by SpectreGadget · · Score: 5, Insightful

    oh yes:

    "emerge sync; emerge -uD --fetchonly world; emerge -uD world; etc-update"

    isn't kludgy in the least and very intuitive. I prefer "apt-get dist-upgrade" myself.

    --
    Jim Harry
  4. Re:HAHA by Lothsahn · · Score: 5, Insightful

    Actually, current viruses are real malware, especially the ones that try to shut down virus scanners.

    They cause the computer to run really slow, and screw things up, including networking settings, killing IE, destroy the cryptography service, so that you can't get updates, and the ability to repair the TCP/IP layer.

    When you get multiple viruses on a machine, they can cause it to not even startup--Especially the ones that try to shut down virus scanners (Gaobot).

    I know they're not malware in the sense that they format your HD or anything, but when your server runs at 10% of it's normal speed, that's enough to take down almost any operation.

    --
    -=Lothsahn=-