Sasser effects

Sasser effectsSasser effects: A third of the post offices in Taiwan have been shut down, and a Finnish bank has shut down all its 130 offices. There's now a second, more infectious Sasser variant, and both can attack new machines without user intervention… it's more pernicious than a “don't accept attachments” kind of vector. Two additional variants have also been identified so far, with some analysts expecting quick near-term mutation. An estimated 300 million computers are vulnerable, and one infection can spread across a local network within seconds. Meanwhile, in addition to patching Win2K or WinXP systems, it sounds like port 445 (and possibly port 139) are used for transmission. Currently, the guilty process is named AVSERVE.EXE. (No cause for gloating if you're on a Mac or Linux box, because damage to the network is damage to all of us.) Update: The Globe & Mail has reports of Candian utility and phone companies being affected by the attack.  [JD on MX]

Leave a comment