Slashdot Mirror

← Back to Stories (view on slashdot.org)

A Worm's Worm

Posted by michael on from the meta dept.

Carnildo writes "There's a new worm out, according to the Register, but one with a twist. This one, called 'Dabber', infects computers by exploiting a security hole in the Sasser worm."

43 of 345 comments (clear)

  1. Ugh... by c0dedude · · Score: 5, Funny

    Jeez, they never fully test these worms before release. No wonder they'd have security issues.

    --
    Since when has this country used intellectual elite as a pejorative term?
    1. Re:Ugh... by irokitt · · Score: 5, Funny

      This is why every worm should be released under the GPL. Then independant worm enthusiasts can verify the security of worm code and contribute patches and improvements to the author.

      --
      If my answers frighten you, stop asking scary questions.
    2. Re:Ugh... by dealsites · · Score: 5, Funny

      I imagine that most of these virus writers are not formally educated in programming, but able to hack together code snippets they find on the web. It's a wonder some of them work as well as they do. I doubt they do peer review or use a CVS to manage their code.

      --
      New deal processing engine online: http://www.dealsites.net/livedeals.html

    3. Re:Ugh... by jesser · · Score: 5, Funny

      So if I'm infected, I can demand a copy of the source code?

      --
      The shareholder is always right.
    4. Re:Ugh... by sulli · · Score: 3, Funny
      Also I took independant studys in c for a extra year.

      In place of English class, apparently.

      --

      sulli
      RTFJ.
    5. Re:Ugh... by mabinogi · · Score: 4, Funny

      You are correct, and I am a moron.

      Next time I'll read all of the comment, not just random words ;)

      --
      Advanced users are users too!
  2. I've had enough by KevinKnSC · · Score: 5, Funny

    Worm writers have got to start taking security more seriously.

    1. Re:I've had enough by iminplaya · · Score: 5, Funny

      Well, at least Microsoft worm writers. I'm sure Linux and Mac worms are much more secure. :-)

      --
      What?
  3. all new low by ResQuad · · Score: 5, Funny

    This is an all new low. Now virus programmers will have to make their virus's better so they dont get infected by another virus.

    I think everyone should go ultra secure, the best firewall ever... Disconnect from the net. It would make this all alot easier on us.

    --
    snowulf.com
    1. Re:all new low by Anonymous Coward · · Score: 5, Funny

      Now virus programmers will have to make their virus's better so they dont get infected by another virus.

      Maybe they can just run Norton AntiVirus - oh wait...

  4. A security hole in a virus? by Neil+Blender · · Score: 1, Funny

    Christ, doesn't anyone do any qc these days?

  5. This is why... by boffy_b · · Score: 5, Funny

    ...we need to stop relying on thrid-party worms, we need Micro-Soft certified worms to ensure our securtity....

    --
    Windows is only $500 if your time is worthless.
    1. Re:This is why... by duffel · · Score: 4, Funny
      ...we need to stop relying on thrid-party worms, we need Micro-Soft certified worms to ensure our securtity....
      You mean like IE? I've certainly had enough programs try to get me to install that on my computer..
      Wouldn't that be a trojan horse rather than a worm? Worms are more like those automatic updates, burrowing into your system... Although that program that downloads them would be more like a trojan horse, and the downloading of updates the payload...

      Yes, that's it! Windows is a trojan horse designed to sneek windows updates onto your computer!

      Tremble before my mighty logic!
    2. Re:This is why... by writermike · · Score: 5, Funny

      ...we need to stop relying on thrid-party worms, we need Micro-Soft certified worms to ensure our securtity....

      Heh.

      The Virus you're about to install has not passed Windows Logo testing to verify its compatibility with Windows XP.

      Continue Anyway.

      --
      If Nalgene water bottles are outlawed, only outlaws will have Nalgene water bottles.
  6. Plug-in by StateOfTheUnion · · Score: 5, Funny

    So now worms come with hooks for third party plug-in's?

    1. Re:Plug-in by molnarcs · · Score: 2, Funny
      "Some of them just open oprts, some trick firewalls and actively "call home", which usually happens to"

      The word you were looking for was pr0ts..

  7. um... by Anonymous Coward · · Score: 5, Funny

    Would that make the security flaw a ::cough:: "Wormhole"?

  8. It's ok... SP1 is coming soon by licamell · · Score: 5, Funny

    The author in response to the news announce that he will be releasing Service Pack 1 within the next week. Make sure to set up your computer to get updates automatically from update.sasser.com.

  9. MS is on it... by wo1verin3 · · Score: 5, Funny

    Microsoft Security Bulletin MS05-014
    Security Update for Microsoft Windows (93212)

    Issued: May 14, 2004
    Updated: May 14, 2004
    Version: 1.0

    Summary
    Who should read this document: Customers who use the Sasser worm

    Impact of vulnerability: Remote Code Execution

    Maximum Severity Rating: Critical

    Recommendation: Customers running the Sasser worm should apply the update immediately to be protected from Dabber.

    Security Update Replacement: This bulletin replaces several prior security updates. See the frequently asked questions (FAQ) section of this bulletin for the complete list.

    Caveats: The security update is for Windows 2000, XP Pro and Home, and Windows 2003 server platforms. As a prerequisite, the security update requires your system be infected with Sasser.

    To download the Sasser worm, please open Outlook Express or Outlook 2000/XP and execute any attachements you have recieved from unknown senders. If you are not using Sasser you do not need to install this update.

    Once installed your system will be immune from being infected with Dabber which exploits a flaw in the widely popular Sasser worm.

    Tested Software and Security Update Download Locations:

    Affected Software:

    Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000 Service Pack 3, and Microsoft Windows 2000 Service Pack 4 - Download the update

    Microsoft Windows XP and Microsoft Windows XP Service Pack 1 - Download the update

    Microsoft Windows XP 64-Bit Edition Service Pack 1 - Download the update

    Microsoft Windows XP 64-Bit Edition Version 2003 - Download the update

    Microsoft Windows Server(TM) 2003 - Download the update

    Microsoft Windows Server 2003 64-Bit Edition - Download the update

  10. IN SOVIET RUSSIA by ozamosi · · Score: 0, Funny

    it's the worm that gets exploited.

  11. Re:Same for my mac by gmuslera · · Score: 4, Funny

    In computing are the windows the ones with worms, not the apples.

  12. A Quick Fix by magefile · · Score: 3, Funny
    Everyone:
    • if you have windows, type, "format C:"
    • if you have linux, or Mac OSX, type "su if you have a pre-OSX Mac, get someone to translate the above commands for you
    That'll take care of the folks who don't patch or use a firewall or AV. I figure anyone smart enough to do that won't run the commands ... and anyone running a different OS won't have virus issues anyway (and will probably be smart enough to firewall, too!).
    1. Re:A Quick Fix by whiteranger99x · · Score: 2, Funny
      That'll take care of the folks who don't patch or use a firewall or AV.

      Dude, you forgot the following steps:
      • Unplug the computer from the walls
      • Detach peripherials from computer
      • Put computer back in box
      • Ship it back out

      Why? BECAUSE YOU'RE TOO FUCKING STUPID TO USE A COMPUTER!!! ;)
      --
      Join the TWIT army now!
    2. Re:A Quick Fix by rjshields · · Score: 5, Funny

      if you have windows, type, "format C:"

      Why yes, I have windows. I even have doors too. I typed "format C:" like you said but I just got a message saying "the page cannot be displayed".

      --
      In this world nothing is certain but death, taxes and flawed car analogies.
  13. Re:Spyware and others by MrRuslan · · Score: 5, Funny

    Something like a rear entry into bonzi buddies behind?

  14. Re:Antivirus! by Jedi+Alec · · Score: 3, Funny

    yeah, kinda like a dictator being replaced by one that's even worse. i can just feel the revolution on my harddisk taking place...

    --

    People replying to my sig annoy me. That's why I change it all the time.
  15. Re:Clever by beakerMeep · · Score: 4, Funny
    oh the irony.

    a post with the title "clever" and the text "very clever" in a story about a "worm's worm" moderated as "redundant".

    It's like rain on a rainy day.

    --
    meep
  16. Re:geez by 0racle · · Score: 4, Funny

    You know, Blaster and Sasser seemed at first to be really creative. But think he/she is just riding on Windows coattails.

    --
    "I use a Mac because I'm just better than you are."
  17. Patch? by durtbag · · Score: 5, Funny

    So where do I doenload the patch so my Sasser isn't vulnerable?

    --
    itadakimasu
  18. Sigh... by ike6116 · · Score: 5, Funny

    I told you not to try Sasser, it's a gateway worm! IT LEADS TO HARDER, MORE DANGEROUS WORMS!

    --

    Are you secure enough in your masculinity to run 'man touch'?
  19. DMCA violation? by David+Hume · · Score: 4, Funny

    Jeez, they never fully test these worms before release. No wonder they'd have security issues.


    I wonder if the author of the author of Dabber has violated the DMCA by circumventing a copyright protection system -- i.e., the code to the Sasser worm.

    More specifically, I wonder if the author of Sasser can sue the author of Dabber for statutory damages of up to "$2,500 per act of circumvention." ;)

    --
    Only Women Bleed (Sex, Sharia remix)
  20. Re:Same for my mac by Anonymous Coward · · Score: 1, Funny

    No, to stick with tradition, these should be called termites. Who do you think you are, suggesting windows can have worms, upsetting the delicate balance of the oh-so-perfect english language?

  21. Re:Spyware and others by clambake · · Score: 4, Funny

    Just thought about this... With the huge number of machines out there "infected" by spyware, adware and similar programs (and many of them without their users even knowing), how long will it be until a worm is written that exploits a vulnerability in one of these programs?

    Gimme a sec.

  22. Re:planned by wo1verin3 · · Score: 4, Funny

    sure it could have been planned...

    Coming soon....
    http://www.sasser-plugins.com

  23. Re:This is doubly ironic! by wo1verin3 · · Score: 2, Funny

    the jews are gonna be upset about losing those bagels....

  24. Just goes to show you... by Anonymous Coward · · Score: 3, Funny

    Only use worms that are Microsoft Security Hole Certified!

  25. Geek jokes by Tokerat · · Score: 5, Funny


    Program code so advanced it travels through worm holes!

    *rimshot*

    --
    CAn'T CompreHend SARcaSm?
  26. Where can I get a patch? by britneys+9th+husband · · Score: 1, Funny

    Have the authors of Sasser released a patch to fix this vulnerability yet? I checked sasserupdate.com and nothing's been posted yet.

    --
    Hear recorded Slashdot headlines on your phone! New service beta testing. Just call (248) 434-5508
  27. Re:Antivirus! by spun · · Score: 2, Funny

    A TCP port is any port through which they ship the illegal drug TCP, of course. Everyone knows that.

    --
    - None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton
  28. BLASPHEMY! by Anonymous Coward · · Score: 1, Funny

    Computer Science Education is about producing scientists not programmers who can develop a product. You should be banished to Devry.

    UNCLEAN!!!!! UNCLEAN!!!!!

  29. Re:Clever by ashot · · Score: 2, Funny

    if only it had been moderated redundant twice..

    --
    -ashot
  30. Reminds me of a poem by mamba-mamba · · Score: 2, Funny

    This reminds me of a poem I heard when I was a kid. I'm not sure who the original author is.

    Every flea has a flea
    on his back to bite him.
    And on that flea another flea
    so ad infinitum.

    MM
    --

    --
    By including this sig, the copyright holders of this work or collection unreservedly place it in the public domain.
  31. Re:OS Popularity? by warm+sushi · · Score: 2, Funny

    Well, the fact is that Sasser JUST PLAIN WORKS, whereas Linux is a nightmare to install. Furthermore, Sasser is ready for the desktop. Joe Sixpack understands Sasser because it's just like all the other worms etc etc...