All the latest UK technology news, reviews and analysis
|
|
|
11 May 2004
A new variant of Sasser, apparently authored by one 'Bill Gate', has been spotted on European networks this afternoon.
Sasser F is virtually identical to the previous five versions of the worm, and spreads via a flaw in unpatched Windows operating systems.
The release, coming after the arrest of the chief suspect for Sasser's invention, suggests that source code for the exploit has been released or that the virus is a joint effort within a still operational team.
"To me this would suggest that the source code is out there," said Jack Clark, technology consultant at security software vendor Network Associates.
"But there could be any number of reasons. Sasser could come from a group and technically it could have been released ages ago and only just activated, although that is highly unlikely."
Once on a PC Sasser writes itself onto the drive as NAPATCH.EXE. It then attempts to connect to random IP addresses on ports 445 and 9996.
Microsoft's patch is available here.
Latest stories from Security
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Sneak peek at the forthcoming glass-based machine
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
Inside Sales / IT Sales / Business Development / Fluent...
Title: Senior Web Developer / Engineer (HTML, JavaScript...
Job Title: Java Developer (J2SE / JEE) Salary: up to...
Job Title: Agile Test Manager Salary: up to 55k per...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?