WASHINGTON : A new Internet worm spreading worldwide hits computers with certain Microsoft operating systems and causes no apparent damage, but closes down the operating system and sends it into a re-boot loop, two US computer security firms said.
The Sasser worm "breaks into your computer and then attempts to break into others. It chooses its victims randomly," said Alfred Huger, Senior Director of Engineering at Symantec, based in Cupertino, California.
The virus affects computers operating Microsoft Windows 2000, Windows Server 2003 and Windows XP, but not Windows 95, Windows 98, Windows Me, or Windows NT, according to Symantec.
Nor are computers using the Macintosh, Linux or UNIX systems affected, said the company.
The worm can infect Internet-connected computers, and unlike most previous viruses it is not spread by email, said Graham Cluley, senior technology consultant for Sophos, another top US software security firm.
"The Sasser worm spreads in a similar way to last year's serious Blaster outbreak," he said, traveling the Internet "exploiting security holes in Microsoft's software."
The worm is currently "not travelling as fast as Blaster did," but computers which are "not properly protected with anti-virus updates, firewalls and Microsoft's security patch are asking for trouble."
Huger said the worm is particular to Microsoft software and "takes advantage of Microsoft vulnerability."
Microsoft, the Redmond, Washington-based software giant, has issued a "patch" that protects computers by "patching the hole" in the company's existing security net, and can be accessed through Microsoft's online update service.
"This worm is unlike previous ones in that it does not appear to be causing any damage to computers," said Huger. "It will slow your computer down, but there does not appear to be any direct damage to the hard drive."
Cluley said home users are especially vulnerable "because they are often not running the latest anti-virus protection, haven't downloaded the latest security patches from Microsoft, and may not be running a personal firewall," he said.
Symantec spokesman Mike Bradshaw said the Sasser worm was first discovered late Wednesday and through Saturday the company had fewer than 100 "suspicious file" reports from its customers, 21 of them from corporations.
"Right now we are not seeing it spread rapidly," he said. "These numbers are quite low. For a virus that is spreading rapidly we would expect to see about 100 reports per hour.
"But we anticipate that the numbers will grow exponentially when people start returning to work" on Monday, said Bradshaw.
Huger said the virus was started deliberately be an individual.
"Of that much we're sure," he said. "What we're not sure of is that individual's motives, because the virus is not doing any damage, and it's not installing a backdoor" which would give future access to other viruses.
"We'll just have to wait and see," he said.<hr>
Haha.. Gd thing is tat I juz installed a firewall yesterdae.. so it wun affect me.. so.. if u kena it, wad u hav to do is..
Download the FixSasser.exe from Symantec
1. Internet MUZ not be connect at all times when u r running the removal tool
2. System restore MUZ be disable
3. Run the tool
4. Restart com
5. Run the tool...
6. can connect to internet le.. go to windowsupdate.microsoft.com
7. scan & install all the critical updates
8. then u r free from virus.
Easy eh? But if u nvr kena.. juz go to windowsupdate.microsoft.com n scan & install all the critical updates... then u'll be virus free... i tink.. haha...
Erm... did i include too many "haha" in this entry? lolz.. hahahahahaha =P
