Researchers at Internet Security Systems estimated 500,000 to one million Sasser infections.
Sasser exploits the Microsoft Local Security Authority Subsystem Service (LSASS) vulnerability, which Microsoft announced and issued a patch for last month.
The worm spreads by scanning randomly chosen IP addresses on unpatched Microsoft systems, according to Symantec. The vendor upgraded a second version of the worm, Sasser.B, to a Category 4 threat, meaning a severe threat.
Sasser affects Windows XP and Windows 2000 systems. A patch for the vulnerability the worm exploits can be downloaded from Microsoft's web site at www.microsoft.com
_(20).jpg&h=140&w=231&c=1&s=0)
_(22).jpg&h=140&w=231&c=1&s=0)
_(26).jpg&w=100&c=1&s=0)
iTnews Executive Retreat - Security Leaders Edition
_(1).jpg&h=140&w=231&c=1&s=0)
