Starting out to be a great week already..... JK Dear Trend Micro customer, As of May 2, 2004 10:07 PM (PST), TrendLabs has declared a High Risk Virus alert to control the spread of WORM_SASSER.B. Several infection reports have been received indicating that this worm is spreading in the Latin American region. This variant of WORM_SASSER.A similarly exploits the Windows ?Local Security Authority Subsystem Service? (LSASS) vulnerability, which is a buffer overrun that allows remote code execution and enables an attacker to gain full control of the affected system. ? http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=MS04-011_MIC ROSOFT_WINDOWS ? http://www.microsoft.com/technet/security/bulletin/ms04-011.mspx To propagate, this worm scans random IP addresses for vulnerable systems. When a vulnerable system is found, the malware sends a specially crafted packet to produce a buffer overrun on LSASS.EXE, which causes the program to crash and eventually require Windows to reboot. TrendLabs has released the following EPS deliverables: TMCM Outbreak Prevention Policy 112 (released) Official Pattern Release 883 (released) Damage Cleanup Template 334 (released) Vulnerability Assessment Rule 010 (released) Network VirusWall (NVW) Pattern 10125 (released) For more information on WORM_SASSER.B, you can visit our Web site at: http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_SASSER. B. And this from Microsoft.... VIRUS ALERT ============ Microsoft has verified that a malicious worm known as W32.Sasser.worm and variants of that worm are spreading on the Internet. You can help protect your computer by downloading and installing Microsoft Security Update MS04-011. You can find more information on this update at: http://go.microsoft.com/?LinkID=466770 If you have already installed the update, you are protected from the worm. If you have not already installed the update, you can download and install it from the Windows Update Web site. The update is listed in the critical updates under the update number 835732. http://windowsupdate.microsoft.com If you think your computer may be infected by W32.Sasser.worm, find out for sure and learn what you can do to remove it by visiting the What You Should Know About Sasser page at: http://www.microsoft.com/security/incident/sasser.asp BEWARE OF BOGUS BULLETINS ========================= If you receive an e-mail message that claims to contain a Microsoft software update, it is probably a virus trying to trick you into infecting your computer. Microsoft never widely distributes software in e-mail messages. Learn how to spot a bogus bulletin: http://www.microsoft.com/security/antivirus/authenticate_mail.asp ABOUT THE MICROSOFT SECURITY UPDATE =================================== The Microsoft Security Update is an e-mail alert service designed for home users and small businesses that provides information about Microsoft security updates and virus alerts. Microsoft also uses this service to make subscribers aware that they might need to take action to guard against a circulating security threat. You have received this update because you are a subscriber. Additional Resources: ===================== *PROTECT YOUR PC: Microsoft has provided information on how you can help protect your PC at: http://www.microsoft.com/security/protect/ *SECURITY WEBSITE http://www.microsoft.com/security/ *HELP PROTECT YOUR PC FROM MASS-MAILER WORMS, SUCH AS BAGLE AND NETSKY http://www.microsoft.com/security/incident/mass_mailer.asp *SECURITY BULLETIN SEARCH TOOL http://www.microsoft.com/technet/security/current.aspx *SECURITY NEWSGROUPS http://go.microsoft.com/?LinkID=436862 *SECURITY NEWSGROUPS TOP 10 QUESTIONS AND ANSWERS http://go.microsoft.com/?LinkID=436863 Support: ======== Technical support is available from Microsoft Product Support Services at 1-866-PC SAFETY (1-866-727-2338) in the United States and Canada only. There is no charge for support calls associated with security updates. International customers can get support from their local Microsoft subsidiaries. Phone numbers for international support can be found at: http://support.microsoft.com/common/international.aspx ******************************************************** This Weeks Sponsor StressedPuppy.com Games Feeling stressed out? Check out our games to relieve your stress. http://www.StressedPuppy.com ******************************************************** To Unsubscribe, set digest or vacation mode or view archives use the below link. http://thethin.net/win2000list.cfm