The latest news on the Sasser internet worm outbreak

Sophos Press Release

Last updated: 11 July 2005

Sophos technical support has warned users of the W32/Sasser-A, W32/Sasser-B, W32/Sasser-D, W32/Sasser-E, and W32/Sasser-F worms, which are spreading across the internet, and is providing information to businesses on how best to protect themselves. (Note: Sophos's detection for W32/Sasser-B also protects against W32/Sasser-C)

The Sasser worms, which do not travel via email, exploit a vulnerability described in Microsoft Security Bulletin MS04-011 to infect computers connected to the internet.

Customers using Enterprise Manager or the Sophos Anti-Virus Small Business Edition were automatically protected against the worms at their next scheduled update. However, Sophos recommends users apply the security patch from Microsoft. Home users are advised to visit

Sophos has published a disinfection tool to remove infections of the Sasser worm from affected computers.

Further reading:

"The Sasser worm spreads in a similar way to last year's serious Blaster outbreak - it travels via the internet, exploiting security holes in Microsoft's software and doesn't rely on email," said Graham Cluley, senior technology consultant for Sophos. "Computers which are not properly protected with anti-virus updates, firewalls and Microsoft's security patch are asking for trouble."

Sophos suggests computer users sign up for email notification of new virus threats and add a live virus information feed to their websites.

ソフォスは、次世代エンドポイントおよびネットワークセキュリティのリーダー企業であり、連携型セキュリティのパイオニアとして、エンドポイント、ネットワーク、暗号化、Web、電子メール、モバイルセキュリティソリューションを連携させ、優れた効果を発揮させる革新的なポートフォリオを開発しています。ソフォスの製品は、脅威対策やデータ流出対策のベストソリューションとして認知されており、世界約150カ国で1億ユーザー以上のお客様に採用されています。ソフォスの製品は、26,000社以上の登録パートナー企業から構成されるグローバルチャネルからのみ提供されます。ソフォスの本社は英国オックスフォードにあり、ロンドン証券取引所に上場しています(LSE: SOPH)。詳細については、www.sophos.comをご覧ください。