Windows Sasser net worm spreading rapidly; Macintosh unaffected

“Many versions of Windows are at risk,” BBC News reports. “Disruption caused by a new internet virus known as Sasser is showing signs of worsening. In two separate cases, companies in Taiwan and Finland reported the worm had disrupted their computers. Sasser, unlike a virus which travels through e-mails and attachments, spreads directly from the internet.”

“It attacks recent versions of Microsoft’s Windows causing the computer to shut down. Experts believe millions of computers may be infected. In Moscow a computer security firm warned of a possible major epidemic,” BBC News reports. “Microsoft has acknowledged that the worm is spreading but played down the threat. ‘It seems to me an exaggeration to say that millions of computers have been affected,’ said Bernard Ourghanlian, Microsoft’s technical director in France.”

“Sasser attacks recent versions of Windows 2000, Windows Server 2003 and Windows XP,” BBC News reports. “The computer has to be rebooted several times but appears to suffer no lasting damage. ‘Worst affected will be small and medium-sized businesses that don’t have the resources to update their anti-virus software,’ said Mark Grady, principal consultant at IT consultants Intraliant. ‘Large corporations have the time and money and will have updated their patches,’ Mr Grady said. A Microsoft patch was released on 13 April and revised on 28 April. Internet users have been warned that they are more likely to get the virus the more they surf the web.”

Full article here.

MacDailyNews Take: So, small and medium-sized businesses are screwed, but it’s okay that large corporations can waste untold (and for some reason never totalled) amounts of time and money? Foolishness knows no bounds. If you belong to that small subset of Windows users that like to use the Internet, you’ve been warned. Try to surf less or not at all, okay? If you’re finally tired of downloading and installing patches to patch patches that patched patches issued to fix patches that broke while patching a patch that didn’t patch the first patch, but broke the last patch you patched, you might want to try a Mac instead. More information about adding a Mac OS X machine to your computing arsenal here.

51 Comments

  1. I work for a large corporation and we got hammered this morning. Every PC affected except the 4 machines in my office. They are the only Macs in over 4000 desktops. MS saying is small number….. bull!

  2. Yet another virus/bug/worm wreaking havoc on those poor Windows users/businesses. After losing collective billions in lost productivity/downtime/patch-repair-restore costs, the only one laughing all the way to the bank….billionaire Bill G. They must have pretty thick skins to keep getting bitten in the ass and to keep coming back for more. Not too bright, though.

  3. for MS it’s all about damage control.
    “the damage was minimal” they say, and hope the public buys it (which is what they’ve done forever, now).
    i work at a large corp in the southwest, and man, these machines are dropping like flies. good thing my iBook is proverbially sprayed with teflon.

  4. I work for a major corporate processor maker and there are signs up everywhere telling people to install the latest patches because of sasser. Go figure?

  5. Undecover, Probably because your network admins are dipshits…We have over 100,000 plus PeeeCee’s, No Infections…Why you might ask? Because we did the work the first time about 5 yrs ago and rarely anything gets infected now…Windows ADMINS need to wake up or switch to Mac-N-Trash…

  6. Computers can be set to auto update, but IT geeks would rather have job security hence the manual approach and constant putting out of fires.

    In 25 years of computing I have never been borked by a virus except on a Mac. I downloaded a warez race car game and it killed my OS. That was my fault.

  7. ‘Dear Monkey Boy or Breath or whatever…. I have a Dull Windows XP Pro machine and I spend more time on it updating NAV, running Norton SystemWorks, defragging the machine, and then there’s that blue screen of death worry..’

    You are nuts. I have multiple XP boxes, none of them ever require any attention except when I do dumb stuff to them like install Linux and LILO.

    All of this stuff can happen in the background – I have no sympathy for you. You have chosen to waste your time.

  8. I wish one of these PC viruses, after spreading itself, would erase every hard drive in its grasp.

    Then people will just toss their PC right out the door and get a Mac.

    Apple sure doesn’t do enough advertising, they have the money to blitz the country. It’s kind of hard to preach the virtues of a Mac without a campaign giving it presence.

    Oh well, perhaps Steve is just happy with the cream of the crop of computer users, the stupid cost more money.

    “I’m supposed to run software update to fix the slow G5 fan issue? No wonder my hard drive melted, doh” “I guess Apple needs to replace my hard drive”

    “Where are all my pictures and my music?” “Doh, I’m supposed to make regular backups?”

  9. I have this mental image of thousands of flag draped PCs (like the flag draped coffins), with Gates and Ballmer frantically trying to keep it from being broadcast.

    No, I haven’t been doing drugs, stop saying that!

  10. Mr. Grady warns that surfing the web makes your computer more susceptible to the sasser virus. Funny thing – YOU HAVE TO GET ON INTERNET TO GO TO WINDOWS UPDATE PAGE! Just more proof that the only Microsoft employees with their heads screwed on straight are working in the mac software dept.

  11. Just wondering – The news says it takes about 10 minutes online before this worm finds a connection and begins to attack. What happens when these worms try to attack a mac? Are they just bounced away?

  12. novice: The worm spreads by scanning different ranges of Internet addresses using a specific port, numbered 445.

    Microsoft has analyzed the worm and believes that it also spreads through port 139. Both are data channels used by the Windows file-sharing protocol and, in many cases, are blocked by Internet service providers.
    The worm works by exploiting a widespread vulnerability in a security function of Windows, known as the Local Security Authority Subsystem Service, or LSASS. Once a vulnerable system is found (unpatched LSASS), Sasser installs FTP server software and then transfers itself to the new host.

    Any Mac scanned by the worm on port 445 or 139 is bypassed by the worm as it cannot find any LSASS to exploit. Same happened with viruses like MSBlaster.

    So it is very wrong to call all these events computer viruses/worms/trojans. They are all Windows viruses/worms/trojans. It is amazing to listen to the news reporting on Sasser and NOT ONE time hearing the words Microsoft and/or Windows. The anchorpeople just say “computer” and “PC”.

    While “PC” might seem closer to the truth, PCs running Linux are also bypassed by Sasser in that it does not find Windows LSASS to exploit.

  13. BTW, I have a firewall on my OS X platform. I opened those ports and started monitoring on those for scan activity and I/O (when at home, at work I am behind the firm firewall).

    I just watched out of curiosity the port scan activity and I/O: the worm scans then closes connection. Nothing else on the Mac: no data received or sent.
    Then I closed the ports again altogether with warn on scan attempts. Got a few more. If I had an unpatched Wintel I would have been infected. ~10 mins online was about the time I waited to see initial scan activities.
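
As an added illustration of the scanning behaviour comments 12 and 13 describe (not part of the original thread or of either commenter's post): a small detector that flags any source contacting many distinct hosts on TCP 139/445 within a short window, which is how a scanning worm shows up in connection logs. The log format, addresses, thresholds and function names are assumptions made for this example.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

SMB_PORTS = {139, 445}  # the two ports named in the comments above
LINE_RE = re.compile(r"^(\S+) SRC=(\S+) DST=(\S+) PROTO=TCP DPT=(\d+)$")

# Constructed sample log: hypothetical format, private/documentation addresses.
SAMPLE_LOG = """\
2004-05-03T09:00:00 SRC=10.0.0.23 DST=10.0.4.1 PROTO=TCP DPT=445
2004-05-03T09:00:01 SRC=10.0.0.23 DST=10.0.4.2 PROTO=TCP DPT=445
2004-05-03T09:00:01 SRC=10.0.0.7 DST=10.0.0.2 PROTO=TCP DPT=445
2004-05-03T09:00:02 SRC=10.0.0.23 DST=10.0.4.3 PROTO=TCP DPT=139
2004-05-03T09:00:03 SRC=10.0.0.9 DST=192.0.2.10 PROTO=TCP DPT=80
2004-05-03T09:00:04 SRC=10.0.0.23 DST=10.0.4.4 PROTO=TCP DPT=445
2004-05-03T09:00:06 SRC=10.0.0.23 DST=10.0.4.5 PROTO=TCP DPT=445
2004-05-03T09:05:00 SRC=10.0.0.31 DST=10.0.5.1 PROTO=TCP DPT=445
2004-05-03T09:10:00 SRC=10.0.0.31 DST=10.0.5.2 PROTO=TCP DPT=445
truncated line
""".splitlines()

def parse(line):
    """Return (timestamp, src, dst, dport), or None for a malformed line."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts, src, dst, dpt = m.groups()
    return datetime.fromisoformat(ts), src, dst, int(dpt)

def find_scanners(lines, min_targets=5, window=timedelta(seconds=60)):
    """Map each source to the most distinct hosts it contacted on 139/445 inside
    one sliding window, keeping sources that reach min_targets (time-ordered input)."""
    recent = defaultdict(deque)   # src -> (ts, dst) pairs still inside the window
    peak = {}
    for ts, src, dst, dpt in filter(None, map(parse, lines)):
        if dpt not in SMB_PORTS:
            continue
        q = recent[src]
        q.append((ts, dst))
        while ts - q[0][0] > window:   # drop contacts older than the window
            q.popleft()
        distinct = len({d for _, d in q})
        if distinct >= min_targets:
            peak[src] = max(peak.get(src, 0), distinct)
    return peak

if __name__ == "__main__":
    print(find_scanners(SAMPLE_LOG))
```

A client that talks repeatedly to one file server on port 445 stays at a single distinct target and is not flagged; widening the window trades more false positives for catching slower scans.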

  14. It’s times like these that I love to open up my server cupboard and see my 10.3.3 Xserve humming away quietly, unaffected by all these crazy, crazy viruses that Windows seems to catch.

    It’s as if Windows has contracted HIV – every virus seems to cripple it and each new virus is worse than the last.

    I arrived into work nice and early this morning, the 10 Macs running Panther in our office are just cruising along without a problem. I called my friend whose boss insists on M$ “because it’s the industry standard” HAHAHAHA! He’s gonna have a busy day today cause all his machines are badly infected. It is simply insane to choose Microsoft these days, yet suckers still go out and buy it. Why? Why? Why? Why? Why? Why? Why? Why? Why? Why?

    Get OS X, and just turn it on and use it. No need for NAV or NPF, there are no viruses for OS X and the built in firewall works for me

    ADD-A-MAC, YOU WON’T LOOK BACK

  15. Nice GUI for the built-in OSX firewall is BrickHouse, available from VersionTracker to those who are interested. Allows much greater control of what ports you open and to who, and also has built in settings to get you up and running quickly.

  16. Security experts are analyzing the worm to determine where Sasser might hit next.

    “We don’t know yet, for example, if it attacks machines running on Windows XP Embedded, which runs ATM machines and cash registers. That would be disastrous for banks and retailers,” said Raimund Genes, European president of security software firm Trend Micro.

    Check with your Bank and send a letter of complaint in case they use Windows XP Embedded. Tell them they have to switch off Windows or they lose a customer.

  17. whether people will start dumping Windows when it starts affecting *visibly* and *undeniably* their wallet.

    “Sorry, your bank account shows a balance of $0.0 . $5846.71 have been transferred from your account on May 6 2004 at 01:28 am to the profit of Sasser Inc. Best Regards”

  18. hardly an improbable scenario. Another disruptive easy thing to do is to have a virus on one of those ATM to use random account numbers to retire money.

    That would be a major disruption and pretty easy to do once broke into the ATM – Windows secured teller machine. LOL, just by reading that I realize what a joke that is: “Windows secured ATM”

    UAHUAHUAHUAHUAHUAHUAH
