The latest news on the Sasser internet worm outbreak

Sophos Press Release

Last updated: 11 July 2005

Sophos technical support has warned users of the W32/Sasser-A, W32/Sasser-B, W32/Sasser-D, W32/Sasser-E, and W32/Sasser-F worms, which are spreading across the internet, and is providing information to businesses on how best to protect themselves. (Note: Sophos's detection for W32/Sasser-B also protects against W32/Sasser-C)

The Sasser worms, which do not travel via email, exploit a vulnerability described in Microsoft Security Bulletin MS04-011 to infect computers connected to the internet.

Customers using Enterprise Manager or the Sophos Anti-Virus Small Business Edition were automatically protected against the worms at their next scheduled update. However, Sophos recommends users apply the security patch from Microsoft. Home users are advised to visit

Sophos has published a disinfection tool to remove infections of the Sasser worm from affected computers.

Further reading:

"The Sasser worm spreads in a similar way to last year's serious Blaster outbreak - it travels via the internet, exploiting security holes in Microsoft's software and doesn't rely on email," said Graham Cluley, senior technology consultant for Sophos. "Computers which are not properly protected with anti-virus updates, firewalls and Microsoft's security patch are asking for trouble."

Sophos suggests computer users sign up for email notification of new virus threats and add a live virus information feed to their websites.

Più di 100 milioni di utenti in 150 paesi si affidano a Sophos, considerandola la migliore protezione contro minacce complesse e perdita dei dati. Sophos si impegna a fornire soluzioni di protezione completa facili da distribuire, gestire e utilizzare, e che offrano il più basso costo totale di proprietà del settore. Sophos offre soluzioni all'avanguardia per cifratura, sicurezza degli endpoint, Web, e-mail, dispositivi mobili e della rete, grazie al supporto dei SophosLabs: la nostra rete mondiale di centri di prevenzione delle minacce.

Le sedi centrali di Sophos sono situate a Boston, USA, e ad Oxford, Regno Unito.