The security researchers at eEye Digital Security are not impressed with the Sasser worm
Published:
3 May 2004 y., Monday
The company, which found the flaws that were exploited by both the MSBlast worm and the Witty worm, on Saturday started analyzing the latest piece of attack code that takes advantage of a Microsoft Windows vulnerability discovered by its researchers. So far, eEye's analysts are surprised that the worm has spread so far.
The Sasser worm started spreading late Friday, and so far has not racked up the crowd of compromised computers that its predecessors have been able to claim. Such a limited spread could indicate that computer users are becoming more diligent about heeding warnings and patching their systems, but security researchers believe that the worm's poor programming has given network administrators a break.
"If this virus was better written, you would have seen more impact," said Alfred Huger, senior director of security firm Symantec's response center.
The Sasser worm spreads from infected computer to vulnerable computer with no user interaction required. The worm exploits a recent vulnerability in a component of Microsoft Windows known as the Local Security Authority Subsystem Service, or LSASS. After scanning for vulnerable Windows XP and Windows 2000 systems, the worm creates a remote connection to the system, installs a file transfer protocol (FTP) server and then downloads itself to the new host.
Šaltinis:
CNET News.com
Copying, publishing, announcing any information from the News.lt portal without written permission of News.lt editorial office is prohibited.
The most popular articles
Software company announced new structure_ of it_s business.
more »
ParallelGraphics Web3D project tracks MIR's Final Journey Back
more »
Norwegians to Implement Largest-Ever E-Business Project
more »
Orbitz - the airline industry's embattled Internet-ticketing project - will strengthen rather than stifle competition in the travel industry, according to a new report commissioned by Orbitz.
more »
A World Wide Web of Organized Crime An Eastern European ring may have lifted over a million credit-card numbers from the Net.
more »
Software can now produce encrypted worms
more »
After opening its quarterly forum to public input, the International Corporation for Assigned Names and Numbers (ICANN) has been criticized for protecting the monopoly of US domain name registrar VeriSign
more »
For the past year, Eastern European-based hackers have been systematically exploiting known Windows NT vulnerabilities to steal customer data, according to reports from the FBI and SANS Institute.
more »
Despite a slow start, the Internet appliance market is poised to grow dramatically, with shipments of more than 174 million units expected by 2006
more »
search.lt presents newest links
more »
An Internet startup that plans to create its own top-level domain names is likely to cause bigger trouble for Web surfers than for the Internet Corporation for Assigned Names and Numbers, ICANN officials say.
more »