The security researchers at eEye Digital Security are not impressed with the Sasser worm
Published:
3 May 2004 y., Monday
The company, which found the flaws that were exploited by both the MSBlast worm and the Witty worm, on Saturday started analyzing the latest piece of attack code that takes advantage of a Microsoft Windows vulnerability discovered by its researchers. So far, eEye's analysts are surprised that the worm has spread so far.
The Sasser worm started spreading late Friday, and so far has not racked up the crowd of compromised computers that its predecessors have been able to claim. Such a limited spread could indicate that computer users are becoming more diligent about heeding warnings and patching their systems, but security researchers believe that the worm's poor programming has given network administrators a break.
"If this virus was better written, you would have seen more impact," said Alfred Huger, senior director of security firm Symantec's response center.
The Sasser worm spreads from infected computer to vulnerable computer with no user interaction required. The worm exploits a recent vulnerability in a component of Microsoft Windows known as the Local Security Authority Subsystem Service, or LSASS. After scanning for vulnerable Windows XP and Windows 2000 systems, the worm creates a remote connection to the system, installs a file transfer protocol (FTP) server and then downloads itself to the new host.
Šaltinis:
CNET News.com
Copying, publishing, announcing any information from the News.lt portal without written permission of News.lt editorial office is prohibited.
The most popular articles
Software company announced new structure_ of it_s business.
more »
Email churn surges into the tens of billions
more »
Experts say the Nimda virus spreads through e-mail, vulnerable servers, and the Internet via open network sharing features and altered Web pages.
more »
Hackers have begun attacking Web sites connected to Afghanistan's Taliban rulers and to other Islamic nations
more »
Corporate altruism is replacing shock as some tech companies offer free services and bandwidth to businesses affected by last week's attacks.
more »
In an apparent response to terrorist attacks on America, a notorious hacker known as "Fluffi Bunni" defaced potentially tens of thousands of high-profile Web sites, replacing their home pages with a rant about religion, capitalism, and violence.
more »
U.S. consumers are more likely to revisit Web sites that are fast loading, customizable and more informative than those that offer rich media or content delivery to wireless handsets, according to research by Jupiter Media Metrix.
more »
Entertainment industry lobbyists say programmers and open-source activists should not be alarmed by a controversial proposal to embed copy-protection controls in nearly all PCs and consumer electronic devices.
more »
Homegrown instant messaging start-up Odigo, Inc. has scored a lucrative deal to develop and power "MTV Messenger", a new IM communications tool for MTV-owned Web sites in Europe.
more »
search.lt presents newest links
more »
A South Korean Internet portal has filed a complaint with fair trade regulators, alleging Microsoft is shutting out competition by tying a range of application software into its new Windows operating system.
more »