The Exploits are running wild – Sasser

If you have not installed the latest updates for Windows XP yet, you just might be too late. If nothing else, switch on the Internet Connection Firewall asap if you can.

For more information refer to the Security Report on the Microsoft site.

The new virus on the block is called Sasser (W32.Sasser.Worm). It’s already running wild; I just read some reports about it taking Autralian Railways down.

So personally, I’m a happy man, I get to do my Windows XP SP2 talk tomorrow on the Security Summit, and can you have a better point to explain why Microsoft is doing SP2 than a virus running wild as I speak? It is not enough for Microsoft to be pushing out updates, if people will not update their machines, or if there is no basic protection. Sasser for example will have no effect if you have enabled the Internet Connection Firewall. And yes, there are reasons why not to have it turned on the way it is at the moment. That is why SP2 is such an important piece of security equipment. It will fix a lot of these problems.

Comments (4)

  1. TX says:

    You’re a HAPPY man? Sorry? You should be a happy man if those security patches were available 3 months ago. This sounds as if the security holes are left in there, just to be able to have those nice security speeches…

  2. Rudi says:

    As much as I would enjoy having the whole world revolve around my ego, and releasing some nefarious code, just so I would be happy to give my little speech for a 500 orso developers here in Brussels, Belgium. I dare not to believe this is the case.

    As for releasing these patches sooner, that is besides the point. The exploit was re-engineered from the patch; same as Blaster/SQL Slammer/Nimda. The problem is not that there are bugs in programs (which might/do cause security holes). It is the small community of people that create and release exploit code. The source of this exploit was circulating around the internet already for some days (see my previous post about the warning). It is not Microsoft that is criminal. If you leave your house unlocked, and people come in and damage your house, are you the criminal? No.

    Microsoft is making BIG efforts in security. One case in point is the Windows XP Service Pack 2 that is upcomming. And that is why I am happy. I get to drill this point home to these 500 orso developers here in Belgium. And I really hope they all get the point: To make certain that the apps they write are secure and will run on Windows XP SP2. So that customers have no reason to say they did not want to install SP2 because it would break their XYZ app.

    btw: if you are serious about the security of your system, a simple firewall and Anti-Virus can stop these worms. Personally, I have a wireless router with a firewall and all my machines have the Internet Connection Firewall enabled, a virus-checker and I update my system. Like my house, my car, my mobile phone, etc; I take care of these things. Since if anyone of these items are broken, they can have a big impact on my daily life.

  3. Aaron Lewis says:

    The comparison to locking the door of your house doesn’t hold water. If companies that built houses designed the walls so that sections of it would fall away periodically, leaving man-sized openings for criminals to creep in, then you’d have a valid comparison.

    I’m not of the belief that Microsoft intentionally designs security flaws, however. The negative PR that’s generated by these problems is too much for a company to take. Rather, it should be too much for a company to take. 😉

  4. Rudi,

    Thanks for blog’ging about this stuff. I’d love to see some more information re: SP2; we got given those discs while in Redmond recently but I still haven’t installed it as yet.