Sassa Virus

Discussion in 'Off-Topic Chat' started by The Cornet King, May 4, 2004.

  1. The Cornet King

    The Cornet King Active Member

    Yet another computer virus! :cry:
    For those of you unfortunate to have had it (like i have) you'll know its a right git!

    Its a virus transferred simply by being connected to the net. Then it shuts your whole system down everytime you go online.

    So just a warning to you all! Go to for more info and ways to stop you getting it!

    Thankfully my system is now clean. Very annoying virus! :x
  2. bassinthebathroom

    bassinthebathroom Active Member

    Serves you right for using Win 2000 and/or XP!

    '98 forever - well, until Microsoft invent something better!
  3. johnmartin

    johnmartin Active Member

    Serves you right for using Windoze of any kind

    Solaris - only true believers may pass :D
  4. rutty

    rutty Active Member

    You'll be a proper Geek the ;)

    Linux over here - none of those fancy trojans/worms/virii on my PC either :)
  5. lynchie

    lynchie Active Member

    I'm on NT 4 here, I don't think its complicated enough to get a virus... :cry:
  6. Naomi McFadyen

    Naomi McFadyen New Member

    I feel we have had this debate before on here...
    Nowt wrong with XP... Win '98 is very unstable so you're more at risk from getting these kinda things... :p

    Back to the virus' however...
    There are several big virus going round just now, so advice (and commonsense) would say: Keep virus checkers upto date! and also IF you don't have a virus checker, for crying out loud get one!

  7. rutty

    rutty Active Member

    Not quite true. Many of these new worms are targetted directly at the new Windows platforms, especially at known insecurities. Windows 95/98/ME was a different platform altogether than 2000/XP and wasn't as "advanced" as it's newer versions - not as many features to exploit.

    Still, all Windows users should regularly perform and update and get these insecurities patched. Most users won't bother and so leave their PCs open to attack, thus making the situation worse.

    For this particular worm I'd say that Windows Update is more important. Removing the Sasser Worm is really easy, especially compared to the likes of Bagle/MyDoom or others.
  8. NeilW

    NeilW Member

    There's lots of good stuff about Sasser-* on the Sophos website (

    I'm sure Graham (downstairs!) won't mind me quoting from the Sophos Website about Sasser:

    "The Sasser worm spreads in a similar way to last year's serious Blaster outbreak, in so much as it travels via the internet exploiting security holes in Microsoft's software and does not use email," said Graham Cluley, senior technology consultant for Sophos. "At the moment it's not travelling as fast as Blaster did, but computers which are not properly protected with anti-virus updates, firewalls and Microsoft's security patch are asking for trouble."

    The security vulnerability, which Microsoft has described as "critical", is said to affect the following Microsoft software:

    Microsoft Windows NT Workstation 4.0 Service Pack 6a
    Microsoft Windows NT Server 4.0 Service Pack 6a
    Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
    Microsoft Windows 2000 Service Pack 2
    Microsoft Windows 2000 Service Pack 3
    Microsoft Windows 2000 Service Pack 4
    Microsoft Windows XP
    Microsoft Windows XP Service Pack 1
    Microsoft Windows XP 64-Bit Edition Service Pack 1
    Microsoft Windows XP 64-Bit Edition Version 2003
    Microsoft Windows Server 2003
    Microsoft Windows Server 2003 64-Bit Edition
    Microsoft NetMeeting
    Microsoft Windows 98
    Microsoft Windows 98 Second Edition (SE)
    Microsoft Windows Millennium Edition (ME)

    However, the Sasser worm is only capable of successfully infecting Windows XP and Windows 2000 systems.

    "System administrators should note that Sasser doesn't spread by email - so internet email scanning services will not be able to detect this worm, and an absence of reports at your email gateway does not mean you can rest on your laurels," said Graham Cluley. "Companies should deploy the patch from Microsoft, ensure their firewall is set up correctly and update the anti-virus on their desktop and servers."

    The patch from Microsoft is at but you can also get it using Windows Update (

    Sasser does not infect via email, however there's a new varient of Netsky ( that DOES come by email that claims to be a "fix" for Sasser. Keep a lookout for that one too :!:

    (emphatically NOT entering into the "this OS is better than that OS" debate - but you will note that Sasser affects almost all of the Windows varients - 95 isn't supported any more!)
  9. six pints

    six pints Active Member

    virtually all of my college had it, i didnt get it cos i go to all the time... if anyone has any problems with this virus just go there and it should sort you out.

    (im turning more into a geek everyday. this one time, at band camp...)
  10. rutty

    rutty Active Member

    Thanks for the update Neil - I checked the Sophos site yesterday and didn't see all that info. When the BBC reported it yesterday it was lacking in much detail and they said that it only affected 2000/XP machines! Shoddy stuff.

    It attacks a certain port on your PC (port 445 IIRC) so a firewall should be able to block it no problem.

    No doubt the Windows update site has been brought to a crawl by millions of people trying to update too.
  11. Fishsta

    Fishsta Active Member

    This is a nasty one going round... my firewall has gone crazy at the number of accesses to my system (like it did when Blaster was about).

    Just a few points...

    1) If you haven't got Antivirus or Firewall software, get it now. There are free ones available all over if you don't want to pay (e.g. AVG or ZoneAlarm, although I wouldn't use ZoneAlarm unless you're REALLY desperate.) Your computer is a ticking time bomb without it.

    2) Windows 98 is perfectly stable, especially if your computer housekeeping is good. So's Windows ME, but it's still the worst version ever... :)

    3) If you do get infected, you may not be able to shut down your PC, as the virus can block the call and continue infecting.

    4) Erm... Good luck to anyone who DOES get infected.
  12. Gorgie boy

    Gorgie boy Member

    Managed to infect my whole office! Whoops!

    Guess who's keeping his head down today? :oops: :oops: :oops: :oops:
  13. TheMusicMan

    TheMusicMan tMP Founder Staff Member

Share This Page