[Full-Disclosure] Fw: Sasser internet worm spreading

From: B$H (bugtracklist_at_freemail.hu)
Date: 05/01/04

  • Next message: Ben Ryan: "[Full-Disclosure] New LSASS-based worm finally here (Sasser)"
    To: mailinglist full-disclosure <full-disclosure@lists.netsys.com>
    Date: Sat, 01 May 2004 21:44:30 +0200
    
    

    > ARE YOU RUNNING THE LATEST MICROSOFT SECURITY PATCHES?
    > - Sasser internet worm spreading
    >
    >
    > Sophos is advising customers to ensure they are
    > running the latest security patches from Microsoft
    > as the Sasser worm infects internet users.
    >
    > The Sasser worm does not spread via email, but exploits
    > a critical security vulnerability in versions of Microsoft
    > Windows.
    >
    >
    > A detailed analysis of W32/Sasser-A is available at:
    > http://www.sophos.com/virusinfo/analyses/w32sassera.html
    >
    >
    > More information about W32/Sasser-A, and the Microsoft
    > security vulnerability it exploits, can be found at:
    > http://www.sophos.com/virusinfo/articles/sasser.html
    >
    >
    > Information from Microsoft about the Sasser worm and the
    > security vulnerability can be found at:
    > http://www.microsoft.com/security/incident/sasser.asp
    > http://www.microsoft.com/technet/security/bulletin/ms04-011.mspx
    >
    >
    > Home users who do not know if their computers are running
    > the latest Microsoft security patches should visit the
    > Microsoft WindowsUpdate website:
    > http://www.windowsupdate.microsoft.com
    >
    >
    > Sophos issued protection against the W32/Sasser-A worm at
    > 06:30 GMT on 1 May 2004. Customers using Enterprise Manager
    > or the Sophos Anti-Virus Small Business Edition were
    > automatically protected at their next scheduled update.
    >
    > PCs which are secured behind properly configured firewalls
    > should not be affected by the Sasser worm.
    >
    >
    > ADDITIONAL STEPS:
    >
    >
    > Update your corporate anti-virus now so that you can detect
    > and prevent the Sasser worm. If you do not have procedures
    > for rapid updates, implement them now, because you are sure
    > to need them again. Sophos Enterprise Manager is the recommended
    > way to help automate protection updates inside your enterprise.
    > If you are a small business you should consider Sophos's
    > small business solutions to ensure automatically updated
    > protection.
    >
    > http://www.sophos.com/products/em/
    > http://www.sophos.com/products/small_business/
    >
    >
    > If you have not already done so, sign-up for free automatic
    > notification of every new virus found in the wild.
    >
    > http://www.sophos.com/virusinfo/notifications/
    >
    >
    > Educate your users, and keep yourself constantly aware, of
    > the latest virus threats by adding a free virus info feed
    > on your website or intranet. Once added to your site the
    > info feed requires no maintenace and is automatically kept
    > up-to-date with information about the very latest virus alerts.
    > As well as English, the feeds are also available in French,
    > German, Spanish and Japanese.
    >
    > http://www.sophos.com/virusinfo/infofeed/
    >
    >
    >
    > Sophos technical support

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html


  • Next message: Ben Ryan: "[Full-Disclosure] New LSASS-based worm finally here (Sasser)"