[windows2000] ALERT: Trend Micro High Risk Virus Alert - WORM_SASSER.B

• From: "Jim Kenzig http://thin.net" <jimkenz@xxxxxxxxxxxxxx>
• To: thin@xxxxxxxxxxxxx, windows2000@xxxxxxxxxxxxx
• Date: Mon, 3 May 2004 07:21:25 -0400

Starting out to be a great week already.....
JK

Dear Trend Micro customer,

As of May 2, 2004  10:07 PM (PST), TrendLabs has declared a High Risk Virus
alert to control the spread of WORM_SASSER.B. Several infection reports have
been received indicating that this worm is spreading in the Latin American
region.

This variant of WORM_SASSER.A similarly exploits the Windows ?Local Security
Authority Subsystem Service? (LSASS) vulnerability, which is a buffer
overrun that allows remote code execution and enables an attacker to gain
full control of the affected system.

?
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=MS04-011_MIC
ROSOFT_WINDOWS
? http://www.microsoft.com/technet/security/bulletin/ms04-011.mspx

To propagate, this worm scans random IP addresses for vulnerable systems.
When a vulnerable system is found, the malware sends a specially crafted
packet to produce a buffer overrun on LSASS.EXE, which causes the program to
crash and eventually require Windows to reboot.


TrendLabs has released the following EPS deliverables:

   TMCM Outbreak Prevention Policy 112 (released)
   Official Pattern Release 883  (released)
   Damage Cleanup Template 334 (released)
   Vulnerability Assessment Rule 010 (released)
   Network VirusWall (NVW) Pattern  10125 (released)

For more information on WORM_SASSER.B, you can visit our Web site at:

http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_SASSER.
B.

And this from Microsoft....
VIRUS ALERT
============

Microsoft has verified that a malicious worm known as W32.Sasser.worm
and variants of that worm are spreading on the Internet.

You can help protect your computer by downloading and installing
Microsoft Security Update MS04-011. You can find more information
on this update at:

http://go.microsoft.com/?LinkID=466770

If you have already installed the update, you are protected from the
worm. If you have not already installed the update, you can download
and install it from the Windows Update Web site. The update is listed in
the critical updates under the update number 835732.

http://windowsupdate.microsoft.com

If you think your computer may be infected by W32.Sasser.worm, find
out for sure and learn what you can do to remove it by visiting the What
You Should Know About Sasser page at:

http://www.microsoft.com/security/incident/sasser.asp

BEWARE OF BOGUS BULLETINS
=========================

If you receive an e-mail message that claims to contain a Microsoft
software update, it is probably a virus trying to trick you into
infecting your computer. Microsoft never widely distributes software
in e-mail messages.

Learn how to spot a bogus bulletin:
http://www.microsoft.com/security/antivirus/authenticate_mail.asp

ABOUT THE MICROSOFT SECURITY UPDATE
===================================

The Microsoft Security Update is an e-mail alert service
designed for home users and small businesses that provides
information about Microsoft security updates and virus alerts.
Microsoft also uses this service to make subscribers aware that
they might need to take action to guard against a circulating
security threat.

You have received this update because you are a subscriber.

Additional Resources:
=====================
*PROTECT YOUR PC: Microsoft has provided information on how you
can help protect your PC at:
http://www.microsoft.com/security/protect/

*SECURITY WEBSITE
http://www.microsoft.com/security/

*HELP PROTECT YOUR PC FROM MASS-MAILER WORMS, SUCH AS BAGLE AND
NETSKY
http://www.microsoft.com/security/incident/mass_mailer.asp

*SECURITY BULLETIN SEARCH TOOL
http://www.microsoft.com/technet/security/current.aspx

*SECURITY NEWSGROUPS
http://go.microsoft.com/?LinkID=436862

*SECURITY NEWSGROUPS TOP 10 QUESTIONS AND ANSWERS
http://go.microsoft.com/?LinkID=436863

Support:
========
Technical support is available from Microsoft Product Support
Services at 1-866-PC SAFETY (1-866-727-2338) in the United States and
Canada only. There is no charge for support calls associated with
security updates. International customers can get support from their
local Microsoft subsidiaries. Phone numbers for international support
can be found at:
http://support.microsoft.com/common/international.aspx
********************************************************
This Weeks Sponsor StressedPuppy.com Games
Feeling stressed out? Check out our games to
relieve your stress.
http://www.StressedPuppy.com
********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.

http://thethin.net/win2000list.cfm

Other related posts:

• » [windows2000] ALERT: Trend Micro High Risk Virus Alert - WORM_SASSER.B

1. Home
2. windows2000
3. Archive
4. 05-2004

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---