Sasser - From Microsoft

[hismajesty]

My school is/was (I think it's mostly gone since they weren't shutting down today) infected with it as well.

[Fr0z3N]

I don't think I've ever been infected with anything Router + Firewall  

[Mephisto]

I believe the Sasser worm only affects Windows 2000 and Windows XP variants.  Anything above or before those versions of Windows aren't at risk of the Sasser worm, at least that's what I'm thinking.  Because...I have no firewalls set up (yet) and I haven't been affected, and the support Websites for Sasser worm on Microsoft's Website doesn't have a tool for removing or detecting the Sasser worm on other versions besides Windows XP and 2000.

[iago]

It uses an exploit in LSASS, which is new to win2k+ I think.

[hismajesty]

I believe the Sasser worm only affects Windows 2000 and Windows XP variants.  Anything above or before those versions of Windows aren't at risk of the Sasser worm, at least that's what I'm thinking.  Because...I have no firewalls set up (yet) and I haven't been affected, and the support Websites for Sasser worm on Microsoft's Website doesn't have a tool for removing or detecting the Sasser worm on other versions besides Windows XP and 2000.

There's a fix at microsofts website, iirc. If not, trendmicro.com has one.

[Grok]

While I cannot predict which Windows OS vulnerability will be found and exploited next month, I can predict with 100% certainty that it will come as a shock to everyone.  Most people who were hit by Sasser will still not have a firewall to protect them, nor will they have patched their machines.  On top of that, they'll still be surfing the web while logged on as the Administrator account.

[effect]

the moral of the story is dont listen to anything microsoft says.

Why do you insist on thinking that?  I'm so sick of people who just randomly *hate* Microsoft and pretend that everything they say is BS and all of their products are, etc.

Are your blind or do u live under a rock? , Microsoft *continually* make totally vulnerbale software and realease it too hastly to the market. The fact that they can afford to do this really gets to me and im sure alot of other people. So your statement about my distest for them being random is not correct , there are also many other reasons why i have bones to pick with Microsoft.

[MyndFyre]

the moral of the story is dont listen to anything microsoft says.

Why do you insist on thinking that?  I'm so sick of people who just randomly *hate* Microsoft and pretend that everything they say is BS and all of their products are, etc.

Are your blind or do u live under a rock? , Microsoft *continually* make totally vulnerbale software and realease it too hastly to the market. The fact that they can afford to do this really gets to me and im sure alot of other people. So your statement about my distest for them being random is not correct , there are also many other reasons why i have bones to pick with Microsoft.

Microsoft may *continually* make vulnerable software, and it may release it too hastily to the market, but the real fact of the matter is that, when you're developing software that is intended to run on 90% or more of the market, there is simply too much to be able to check everything.  It's not a bad thing that Microsoft has to patch their software once a month.  Who really cares?  "Oh, it's SOOOO inconvenient that I have to update this software once a month.  I'm getting carpal tunnel from going to Windows Update!"

As Grok pointed out, if you're running in a secure environment, such a thing as the Sasser worm shouldn't get you.  I'm behind a firewall, and it never came close.  That's all it took.  No internet connection firewall, not even a virus scanner (as of right now).  Ooooohhh.

The reason you don't hear about a mass virus attacking Linux is simply because there is no such thing as mass Linux.  If there was an exploit on one of the major flavors of Linux (there are five, correct?), that might hit about 1% of all total mainstream (home) computer users that aren't behind a firewall.  No major news outlets will cover the "massive outbreak of the Penguin Death worm!" nor will any hackers gain much fame from it.  There might be a short little article on /., and that will be that.  The publisher will fix it, and the world will be none the wiser -- giving the l33t c0d3r absoltely no reason to even bother with making it in the first place.

To quote a famous person -- "you'll get over it."

[Grok]

Are your blind or do u live under a rock? , Microsoft *continually* make totally vulnerbale software and realease it too hastly to the market. The fact that they can afford to do this really gets to me and im sure alot of other people. So your statement about my distest for them being random is not correct , there are also many other reasons why i have bones to pick with Microsoft.

I am neither blind nor live under a rock.  Not sure why you have a problem with blind people, but we won't address your anger against them, at least in this topic.

What is "totally vulnerable" software?  Does that mean every line of code is vulnerable?  Or just every feature?  Every product?  Every web page?  Either clarify or retract it, because I think you just proportionalized it for effect of argument.

Release too hastily?  Most of the world depends on Microsoft to innovate and release, so they can drive their businesses with these products.  They demand that Microsoft release as soon as a product is anywhere near stability.  It is business that drives the software market, determines which features are added.  Microsoft listens to the money, follows the money, and implements features as fast as their 225,000 programmers possibly can do.

Horrors, are there bugs in the millions of lines of code they write every year?  OMG!  They should be ashamed.  But I'll tell you what... I write some of the best error-free code of any programmer (of those I know personally) and most Microsoft public-released code is better than mine.  That Microsoft only has a few dozen patches a year is simply incredible.  Microsoft has the best, longest-lasting, most accurate, most productive, most efficient, product delivery lifecycle in the history of software development.

What are your other bones to pick?

[AC_Drkan]

Yeah i had sasler attack my computer

Zonealarm is actually pretty cool.

OH BTB

One of my relatives (cough cough)

Wroks in the IRS.

It SHUT DOWN THE IRS

no joke

[Adron]

It SHUT DOWN THE IRS

Sasser is a friend of Grok's?

[MyndFyre]

It SHUT DOWN THE IRS

Sasser is a friend of Grok's?

LoL -- the first thought that crossed my mind when he said that he had a relative who works for the IRS was, "Oh no -- they're coming for Grok!"  Then I thought, "Nevermind -- Grok is safe!"

[Grok]

It SHUT DOWN THE IRS

Sasser is a friend of Grok's?

LoL -- the first thought that crossed my mind when he said that he had a relative who works for the IRS was, "Oh no -- they're coming for Grok!"  Then I thought, "Nevermind -- Grok is safe!"

Cute.  But why would they "come for me"?  I pay 100% of my taxes.

[Skywing]

It uses an exploit in LSASS, which is new to win2k+ I think.

Um.  LSASS has been part of Windows NT since 3.1.

[Thing]

I like Sasser.  So far I've made around $600.00 from it.