Sasser worm exploiting Windows 2000 and XP machines

Latest News
Microsoft Warns of Word attack Backup Your Information! Daylight Saving Howto & Warning Storm Virus Provide Spammers New Exploited PC MarshallS/TJ Max Security Breach

Popular
Installing Skype on Ubuntu Linux MarshallS/TJ Max Security Breach Secure Hard Disk Erasing Reseting the TCP/IP stack on an MS XP with NETSH command Terms and Conditions

The Sasser worm exploits Windows 2000 and XP machines. This worm is quickly spreading on the net through a documented flaw in the Local Security Authority Subsystem Service (LSASS) as described in Microsoft Bulletin MS04-011.

The Worm attempts to connect to randomly-generated IP addresses on TCP port 445. If a connection is made to a computer, the worm sends shellcode to that computer which may cause it to run a remote shell on TCP port 9996. The worm then uses the shell to cause the computer to connect back to the FTP server on port 5554 and retrieve a copy of the worm.

Install all your Windowx XP and 2000 System and Security Patch to prevent this Worm from affecting your system.