| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 44873 | 2004-05-02 07:44:00 | Sasser worm on XP, very agressive, beware lsass.exe problem | robo (205) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 233682 | 2004-05-02 21:19:00 | > Thanks for the heads up > > J > :D Ditto |
Greg S (201) | ||
| 233683 | 2004-05-02 21:23:00 | Patch, upgrade and worm your machine. Nice irony. Cheers Murray P |
Murray P (44) | ||
| 233684 | 2004-05-02 23:42:00 | Some news on this: from: CNET News.com (news.com.com) New worm's got sass, but not much else By Robert Lemos Staff Writer, CNET News.com The security researchers at eEye Digital Security are not impressed with the Sasser worm. The company, which found the flaws that were exploited by both the MSBlast worm and the Witty worm, on Saturday started analyzing the latest piece of attack code that takes advantage of a Microsoft Windows vulnerability discovered by its researchers. So far, eEye's analysts are surprised that the worm has spread so far. "It's so poorly written," said Marc Maiffret, chief hacking officer for the Aliso Viejo, Calif., company. "This could still have a lot of impact, but it's written by someone that could barely get the code working." more here........ (news.com.com) |
stu120404 (268) | ||
| 233685 | 2004-05-03 00:07:00 | A heads up for admins on the MS04-11 patch . It has a bug . Go to MS KB841382 ( . microsoft . com/default . aspx?scid=kb;EN-US;841382" target="_blank">support . microsoft . com) and MS KB 187498 ( . microsoft . com/default . aspx?scid=kb;en-us;187498" target="_blank">support . microsoft . com) for the goodies . Excerpt from Virus & Security Watch: According to the first of the Microsoft KnowledgeBase articles linked below, at least the Ipsecw2k . sys, Imcide . sys and Dlttape . sys drivers are involved . Obviously administrators of machines containing hardware requiring either of the latter drivers, or security policies requiring IPSEC functionality may be somewhat aggrieved at the suggestion they remove the affected hardware from their systems or disable their network transport layer security measures . Cheers Murray P |
Murray P (44) | ||
| 233686 | 2004-05-03 02:10:00 | Anyone want the latest edition? SasserB is now out. See - symantec.com |
Robin S_ (86) | ||
| 233687 | 2004-05-03 02:14:00 | and now sasser.C | robsonde (120) | ||
| 233688 | 2004-05-03 06:23:00 | I wonder if the code for it has got any better since the first version of it? | stu120404 (268) | ||
| 233689 | 2004-05-03 06:34:00 | /*sarcasm*/ Scary stuff :| Whats a worm again? /*sarcasm*/. | PoWa (203) | ||
| 233690 | 2004-05-03 06:41:00 | > I wonder if the code for it has got any better since > the first version of it? Come on stu, you should know better than that. This is a worm designed to run on Windows. Like any good MS product this worm will have to conform to certain paradigms: If it ain't ready yet, get it to market anyway. That means a port near you. Send the patch out only when the customers realise they have a broken thing on their system. Rush the patch out under the same principles as the first rule. Upgrade the patched patch then surcharge your customers for it. All software must be a crufty as possible. Result = Poorly written buggy worm, here we go on the patch, upgrade, patch cycle again. :_| Cheers Murray P |
Murray P (44) | ||
| 233691 | 2004-05-03 10:41:00 | > "It's so poorly written," said Marc Maiffret, chief > hacking officer for the Aliso Viejo, Calif., company. > "This could still have a lot of impact, but it's > written by someone that could barely get the code > working." Sounds like utter crap. |
mark.p (383) | ||
| 1 2 3 4 | |||||