Sassa Virus

The Cornet King

The Cornet King

Active Member
Yet another computer virus! :cry:
For those of you unfortunate to have had it (like i have) you'll know its a right git!

Its a virus transferred simply by being connected to the net. Then it shuts your whole system down everytime you go online.

So just a warning to you all! Go to www.microsoft.com/security for more info and ways to stop you getting it!

Thankfully my system is now clean. Very annoying virus! :x
 
johnmartin

johnmartin

Active Member
bassinthebathroom said:
Serves you right for using Win 2000 and/or XP!

'98 forever - well, until Microsoft invent something better!
Click to expand...
Serves you right for using Windoze of any kind

Solaris - only true believers may pass :D
 
rutty

rutty

Active Member
johnmartin said:
bassinthebathroom said:
Serves you right for using Win 2000 and/or XP!

'98 forever - well, until Microsoft invent something better!
Click to expand...
Serves you right for using Windoze of any kind

Solaris - only true believers may pass :D
Click to expand...

You'll be a proper Geek the ;)

Linux over here - none of those fancy trojans/worms/virii on my PC either :)
 
N

Naomi McFadyen

New Member
bassinthebathroom said:
Serves you right for using Win 2000 and/or XP!

'98 forever - well, until Microsoft invent something better!
Click to expand...

:shock:
I feel we have had this debate before on here...
Nowt wrong with XP... Win '98 is very unstable so you're more at risk from getting these kinda things... :p

Back to the virus' however...
There are several big virus going round just now, so advice (and commonsense) would say: Keep virus checkers upto date! and also IF you don't have a virus checker, for crying out loud get one!

;-)
 
rutty

rutty

Active Member
Naruco said:
bassinthebathroom said:
Serves you right for using Win 2000 and/or XP!

'98 forever - well, until Microsoft invent something better!
Click to expand...

:shock:
I feel we have had this debate before on here...
Nowt wrong with XP... Win '98 is very unstable so you're more at risk from getting these kinda things... :p
Click to expand...

Not quite true. Many of these new worms are targetted directly at the new Windows platforms, especially at known insecurities. Windows 95/98/ME was a different platform altogether than 2000/XP and wasn't as "advanced" as it's newer versions - not as many features to exploit.

Still, all Windows users should regularly perform and update and get these insecurities patched. Most users won't bother and so leave their PCs open to attack, thus making the situation worse.

For this particular worm I'd say that Windows Update is more important. Removing the Sasser Worm is really easy, especially compared to the likes of Bagle/MyDoom or others.
 
NeilW

NeilW

Member
There's lots of good stuff about Sasser-* on the Sophos website (http://www.sophos.com)

I'm sure Graham (downstairs!) won't mind me quoting from the Sophos Website about Sasser:

"The Sasser worm spreads in a similar way to last year's serious Blaster outbreak, in so much as it travels via the internet exploiting security holes in Microsoft's software and does not use email," said Graham Cluley, senior technology consultant for Sophos. "At the moment it's not travelling as fast as Blaster did, but computers which are not properly protected with anti-virus updates, firewalls and Microsoft's security patch are asking for trouble."

The security vulnerability, which Microsoft has described as "critical", is said to affect the following Microsoft software:

Microsoft Windows NT Workstation 4.0 Service Pack 6a
Microsoft Windows NT Server 4.0 Service Pack 6a
Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
Microsoft Windows 2000 Service Pack 2
Microsoft Windows 2000 Service Pack 3
Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP
Microsoft Windows XP Service Pack 1
Microsoft Windows XP 64-Bit Edition Service Pack 1
Microsoft Windows XP 64-Bit Edition Version 2003
Microsoft Windows Server 2003
Microsoft Windows Server 2003 64-Bit Edition
Microsoft NetMeeting
Microsoft Windows 98
Microsoft Windows 98 Second Edition (SE)
Microsoft Windows Millennium Edition (ME)

However, the Sasser worm is only capable of successfully infecting Windows XP and Windows 2000 systems.

"System administrators should note that Sasser doesn't spread by email - so internet email scanning services will not be able to detect this worm, and an absence of reports at your email gateway does not mean you can rest on your laurels," said Graham Cluley. "Companies should deploy the patch from Microsoft, ensure their firewall is set up correctly and update the anti-virus on their desktop and servers."

The patch from Microsoft is at
http://www.microsoft.com/technet/security/bulletin/ms04-011.mspx but you can also get it using Windows Update (http://windowsupdate.microsoft.com/)

Sasser does not infect via email, however there's a new varient of Netsky (http://www.sophos.com/virusinfo/analyses/w32netskyac.html) that DOES come by email that claims to be a "fix" for Sasser. Keep a lookout for that one too :!:

Neil
(emphatically NOT entering into the "this OS is better than that OS" debate - but you will note that Sasser affects almost all of the Windows varients - 95 isn't supported any more!)
 
six pints

six pints

Active Member
virtually all of my college had it, i didnt get it cos i go to www.windowsupdate.com all the time... if anyone has any problems with this virus just go there and it should sort you out.

(im turning more into a geek everyday. this one time, at band camp...)
 
rutty

rutty

Active Member
Thanks for the update Neil - I checked the Sophos site yesterday and didn't see all that info. When the BBC reported it yesterday it was lacking in much detail and they said that it only affected 2000/XP machines! Shoddy stuff.

It attacks a certain port on your PC (port 445 IIRC) so a firewall should be able to block it no problem.

No doubt the Windows update site has been brought to a crawl by millions of people trying to update too.
 
Fishsta

Fishsta

Active Member
This is a nasty one going round... my firewall has gone crazy at the number of accesses to my system (like it did when Blaster was about).

Just a few points...

1) If you haven't got Antivirus or Firewall software, get it now. There are free ones available all over if you don't want to pay (e.g. AVG or ZoneAlarm, although I wouldn't use ZoneAlarm unless you're REALLY desperate.) Your computer is a ticking time bomb without it.

2) Windows 98 is perfectly stable, especially if your computer housekeeping is good. So's Windows ME, but it's still the worst version ever... :)

3) If you do get infected, you may not be able to shut down your PC, as the virus can block the call and continue infecting.

4) Erm... Good luck to anyone who DOES get infected.
 
You must log in or register to reply here.
Top