Active Scan. Scan your PC free
Download Cloud Antivirus Gratis

Virus Encyclopedia

Welcome to the Virus Encyclopedia of Panda Security.


Threat LevelSevere threatDamageSevereDistributionModerately widespread
Common name:Sasser.B
Technical name:W32/Sasser.B.worm
Threat level:Severe

It restarts the computer. It spreads by exploiting the LSASS vulnerability.

Affected platforms:

Windows 2003/XP/2000/NT/ME/98/95

First detected on:May 1, 2004
Detection updated on:March 6, 2006
Proactive protection:
Yes, using TruPrevent Technologies
Repair utility:Panda QuickRemover

Brief Description 


Sasser.B is a worm that spreads via the Internet by exploiting the LSASS vulnerability in remote computers. This vulnerability is critical for Windows XP/2000 operating systems that are not properly updated.

Sasser.B restarts the computer automatically when it attempts to exploit the already mentioned vulnerability.

Sasser.B only spreads automatically to Windows XP/2000 computers. However, computers with other Windows operating systems can also be a source of transmission when a malicious user runs the file containing the worm in any of these computers.

If you have a Windows XP/2000 computer, it is highly recommendable to download the security patch for the LSASS vulnerability from the Microsoft website.

Visible Symptoms 


Sasser.B is easy to recognize, as it restarts Windows XP/2000 computers when it attempts to affect them by exploiting the LSASS vulnerability. When this action is carried out, Sasser.B displays the following message on screen: