WARNING: New Virus "Sasser"

WhoCare

It's time to LiveUpdate from your anti-virus program.

News from Yahoo News

HELSINKI/SAN FRANCISCO May 3 (Reuters) - A fast-spreading computer worm called "Sasser" hit personal computers around the world on Monday, causing infected systems to reboot without warning and disrupting banking and other business in one of the biggest virus-like attacks on the Internet since last summer.


The worm, which first struck over the weekend and is already on its fourth variant, exploits a flaw in Microsoft Corp.'s (Nasdaq:MSFT) Windows operating system identified in mid-April, computer security experts said.


Unlike previous Internet worms, Sasser enters and infects vulnerable PCs without any action on the part of the user, allowing it to spread quickly, they said.


By Monday afternoon, computer security companies were also warning of a new twist on the virus: an email, claiming to be from an antivirus company with an attachment purporting to fix Sasser infections, that was actually a new form of the widespread, email-clogging Netsky virus.


Investment bank Goldman Sachs (NYSE:GS) said its Asian and U.S. trading operations were back "at close to normal" by early afternoon on Monday after the worm disrupted some of its systems by forcing computers to automatically reboot.


Lucas van Praag, a Goldman Sachs spokesman, declined to elaborate on the extent of the disruptions.


In Australia, Westpac Bank (WBC.AX) said it was hit by the worm, and branches had to use pen and paper to allow them to keep trading, The Australian newspaper reported.


U.S. carrier Delta Air Lines also suffered a computer glitch on Saturday that caused delays and cancellations of some flights in its system. The company's computer systems were back to normal Monday but the cause of the weekend problem is still being investigated, said Peggy Estes, a company spokeswoman.


Finnish financial company Sampo (SAMAS.HE) temporarily closed all of its 130 branch offices on Monday as a precaution.


"Compared to what happened with Blaster ... last August ... this virus has all the same features," said Mikko Hypponen, Anti-Virus Research Director at Finnish data security firm F-Secure, noting that both worms exploited relatively new holes in Windows and frequently caused computers to reboot.


HOME USERS SEEN AS MOST VULNERABLE


But because the virus seeks out infectable computers automatically and does not use email to spread, experts said personal machines may be most vulnerable.


"I think this is more likely to hit home users than businesses," said Graham Cluley, senior technology consultant for Sophos, adding that those at the most risk were people who had not installed a personal firewall. "They're basically going out there with a sign on their head saying 'punch me.'"


Cluley said the fake email is actually spreading a virus called Netsky-AC, which includes a message buried in its code that seems to indicate the two viruses share the same author.


In the message, the virus writers refer to themselves as "Skynet," which may be a reference to the computer system that caused a nuclear war in the "Terminator" movies.


Virus experts said Sasser also contains a hole of its own, in the file transfer protocol server that it installs, which could be either a second way into an infected system or author error.


"Either the author brilliantly included a very difficult to detect backdoor or the author himself wrote vulnerable code," said Chris Rouland, vice president of X-Force, the research and development arm of Internet Security Systems Inc. (Nasdaq:ISSX).





Stephen Toulouse, a manager at Microsoft's Security Response Center, said the software company was working with the U.S. Federal Bureau of Investigation to track down those responsible for the worm.

The Sasser worm exploits a flaw in a part of Windows known as the Local Security Authority Subsystem Service, or LSASS, which had been targeted in a Microsoft security update released on April 13.

A link on Microsoft's home page instructs users to make sure that they have installed a protective firewall, updated Windows to close the security loophole the worm exploits and then remove the worm from their hard drives.

Experts said that while the Sasser worm does not seriously damage infected computers, hackers could try to spin off more malicious variants in the coming days.

The impact of the fast-spreading virus was also seen tempered because of holidays that closed many offices on Monday in places like the United Kingdom, parts of Europe and Japan, analysts said.