Tuesday, May 4, 2004

Plugging the Sasser hole

As you may be aware, there's a new worm making the rounds on the computer virus network called Sasser. Yesterday, I downloaded a removal utility that found two instances of Sasser on my home PC and removed them (and a trojan horse, too, but I don't want to steal anyone's thunder).

The worm appeared only to overload my CPU so that I was unable to do much of anything. It was more of an annoyance than anything else -- before I got the virus, I merely stopped the application that was hogging all the processing power. However, Microsoft apparently thought it not so much a pest as a pain-in-the-ass, judging by the turn of phrase in the article:
    Sasser appeared on Friday and exploits a recently disclosed hole in a component of Windows called the Local Security Authority Subsystem Service, or LSASS. Microsoft released a software patch, MS04-011, on April 13 that plugs the LSASS hole.
And now all Windows has to do is stop metaphorically bending over.