The latest news on the Sasser internet worm outbreak

Sophos Press Release

Last updated: 11 July 2005

Sophos technical support has warned users of the W32/Sasser-A, W32/Sasser-B, W32/Sasser-D, W32/Sasser-E, and W32/Sasser-F worms, which are spreading across the internet, and is providing information to businesses on how best to protect themselves. (Note: Sophos's detection for W32/Sasser-B also protects against W32/Sasser-C)

The Sasser worms, which do not travel via email, exploit a vulnerability described in Microsoft Security Bulletin MS04-011 to infect computers connected to the internet.

Customers using Enterprise Manager or the Sophos Anti-Virus Small Business Edition were automatically protected against the worms at their next scheduled update. However, Sophos recommends users apply the security patch from Microsoft. Home users are advised to visit windowsupdate.microsoft.com.

Sophos has published a disinfection tool to remove infections of the Sasser worm from affected computers.

Further reading:

"The Sasser worm spreads in a similar way to last year's serious Blaster outbreak - it travels via the internet, exploiting security holes in Microsoft's software and doesn't rely on email," said Graham Cluley, senior technology consultant for Sophos. "Computers which are not properly protected with anti-virus updates, firewalls and Microsoft's security patch are asking for trouble."

Sophos suggests computer users sign up for email notification of new virus threats and add a live virus information feed to their websites.

Mehr als 100 Millionen Anwender in 150 Ländern vertrauen auf Sophos. Wir bieten den besten Schutz vor komplexen IT-Bedrohungen und Datenverlusten. Unsere umfassenden Sicherheitslösungen sind einfach bereitzustellen, zu bedienen und zu verwalten. Dabei bieten sie die branchenweit niedrigste Total Cost of Ownership. Das Angebot von Sophos umfasst preisgekrönte Verschlüsselungslösungen, Sicherheitslösungen für Endpoints, Netzwerke, mobile Geräte, E-Mails und Web. Dazu kommt Unterstützung aus den SophosLabs, unserem weltweiten Netzwerk eigener Analysezentren.

Die Sophos Hauptsitze sind in Boston, USA, und Oxford, UK.