01 May 2004
The latest news on the Sasser internet worm outbreak
Last updated: 11 July 2005
Sophos technical support has warned users of the W32/Sasser-A, W32/Sasser-B, W32/Sasser-D, W32/Sasser-E, and
W32/Sasser-F
worms, which are spreading across the internet, and is providing
information to businesses on how best to protect themselves. (Note:
Sophos's detection for W32/Sasser-B also protects against
W32/Sasser-C)
The Sasser worms, which do not travel via email, exploit a
vulnerability described in Microsoft Security
Bulletin MS04-011 to infect computers connected to the
internet.
Customers using Enterprise Manager
or the Sophos Anti-Virus Small Business
Edition were automatically protected against the worms at their
next scheduled update. However, Sophos recommends users apply the
security patch
from Microsoft. Home users are advised to visit windowsupdate.microsoft.com.
Sophos has published a disinfection tool to remove
infections of the Sasser worm from affected computers.
Further reading:
"The Sasser worm spreads in a similar way to last year's serious
Blaster outbreak - it travels via the internet, exploiting security
holes in Microsoft's software and doesn't rely on email," said
Graham Cluley, senior technology consultant for Sophos. "Computers
which are not properly protected with anti-virus updates, firewalls
and Microsoft's security patch are asking for trouble."
Sophos suggests computer users sign up for email notification of new virus
threats and add a live virus
information feed to their websites.
About Sophos
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing complete security solutions that are simple to deploy, manage, and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, mobile and network security solutions backed by SophosLabs - a global network of threat intelligence centers.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.