Re: UPDATE: Product Support Services - W32.SASSER WORM RELATING TO MS04-011
From: Jerry Bryant [MSFT] (jbryant_at_online.microsoft.com)
Date: 05/05/04
- Next message: Derek Melber [MVP]: "Re: How can I prevent users from logging onto a specific machine"
- Previous message: James: "Username and Password Gray Win2003 Server"
- In reply to: Crusty \(-: Old B_at_stard :-\): "Re: UPDATE: Product Support Services - W32.SASSER WORM RELATING TO MS04-011"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 5 May 2004 10:27:40 -0700
The cleaner tool is now offered from Windows Update to users with Sasser
detected on their machines.
-- Regards, Jerry Bryant - MCSE, MCDBA Microsoft IT Communities Get Secure! www.microsoft.com/security This posting is provided "AS IS" with no warranties, and confers no rights. "Crusty (-: Old B@stard :-)" <richardurbanREMOVETHIS@hotmail.com> wrote in message news:epKGbCkMEHA.2532@TK2MSFTNGP10.phx.gbl... > Thank You! > > -- > Regards: > > Richard Urban > > aka Crusty (-: Old B@stard :-) > > "Jerry Bryant [MSFT]" <jbryant@online.microsoft.com> wrote in message > news:OqbW%23jjMEHA.648@TK2MSFTNGP10.phx.gbl... > > UPDATE (05/04/2004): > > - This alert is being updated to advise you of an update to Microsoft > > Security Bulletin MS04-011. This update details additional workaround > > steps > > which customers can take to protect against the LSASS vulnerability > > (CAN-2003-0533). This is the vulnerability which is exploited by the > > Sasser > > worm and its variants. Customers who have not yet deployed the security > > update for MS04-011 can evaluate implementing this new workaround to > > protect > > against the Sasser worm and its variants. > > > > - In addition, Microsoft has updated the cleanup tool for W32.Sasser.worm > > to remove the C and D variants of the Sasser worm. The Sasser removal > > tool > > now removes Sasser A, B, C and D. The updated removal tool is located at > > http://www.microsoft.com/downloads/details.aspx?FamilyId=76C6DE7E-1B6B-4FC3-90D4-9FA42D14CC17&displaylang=en > > and is documented in Knowledge Base article KB841720 > > http://support.microsoft.com/default.aspx?scid=kb;EN-US;841720. > > > > What is this alert? > > > > - Microsoft has been made aware of a worm identified as "W32.Sasser.worm" > > and it is currently circulating on the Internet. The worm exploits the > > Local Security Authority Subsystem Service (LSASS) vulnerability fixed in > > Microsoft Security Update MS04-011 on April 13, 2004. > > > > - Microsoft encourages customers to protect themselves against this worm > > by > > installing Microsoft Security Bulletin MS04-011 > > <www.microsoft.com/technet/security/bulletin/ms04-011.mspx> immediately. > > > > - Customers who have enabled the Windows XP Firewall are protected from > > the > > vector this worm attacks, which is TCP Port 139. Most third party > > firewalls > > also block this attack vector by default. > > > > If you have any questions regarding the security updates or its > > implementation after reading the above listed bulletin you should contact > > Product Support Services in the United States at 1-866-PCSafety > > (1-866-727-2338). International customers should contact their local > > subsidiary. > > > > Thank you, > > Microsoft PSS Security Team > > > > -- > > Regards, > > > > Jerry Bryant - MCSE, MCDBA > > Microsoft IT Communities > > > > Get Secure! www.microsoft.com/security > > > > > > This posting is provided "AS IS" with no warranties, and confers no > > rights. > > > > > >
- Next message: Derek Melber [MVP]: "Re: How can I prevent users from logging onto a specific machine"
- Previous message: James: "Username and Password Gray Win2003 Server"
- In reply to: Crusty \(-: Old B_at_stard :-\): "Re: UPDATE: Product Support Services - W32.SASSER WORM RELATING TO MS04-011"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
