You're in: Panda Security > Home Users > security-info > about-malware > encyclopedia > overview

Virus Encyclopedia

Welcome to the Virus Encyclopedia of Panda Security.

Encyclopedia GetVirusCard True 0

Sasser.D
Threat LevelDamageDistribution

At a glance Tech details | Solution


Common name:	Sasser.D
Technical name:	W32/Sasser.D.worm
Threat level:	Low
Type:	Worm
Effects:	It restarts the computer. It spreads by exploiting the LSASS vulnerability.
Affected platforms:	Windows 2003/XP/2000/NT/ME/98
First detected on:	May 3, 2004
Detection updated on:	Dec. 15, 2005
Statistics	No
Proactive protection:	Yes, using TruPrevent Technologies
Repair utility:	Panda QuickRemover

Brief Description

Sasser.D is a worm that spreads via the Internet by exploiting the LSASS vulnerability in remote computers. This vulnerability is critical only for Windows XP/2000 operating systems that are not properly updated.

Sasser.D restarts the computer automatically when it attempts to exploit the already mentioned vulnerability.

Sasser.D only spreads automatically to Windows XP/2000 computers. However, computers with other Windows operating systems can also be a source of transmission when a malicious user runs the file containing the worm in any of these computers.

If you have a Windows 2003/XP/2000/NT computer, it is highly recommendable to download the security patches for the LSASS vulnerability from the Microsoft website.

Visible Symptoms

Sasser.D is easy to recognize, as it restarts Windows XP/2000 computers when it attempts to affect this computer by exploiting the LSASS vulnerability. When this action is carried out, Sasser.D displays the following message on screen:

Panda Security. New Lineup 2013. Renew now

Antivirus Solutions

Technical Support