Welcome to the Virus Encyclopedia of Panda Security.
|Alias:||WORM_SASSER.F, Worm.Win32.Sasser.a, W32/Sasser.worm.f, W32/Sasser.A.worm|
It restarts the computer. It spreads by exploiting the LSASS vulnerability.
|Detection updated on:||May 11, 2004|
|Yes, using TruPrevent Technologies|
Sasser.F is a worm that spreads via the Internet by exploiting the LSASS vulnerability in remote computers. This vulnerability is critical for Windows XP/2000 operating systems that are not properly updated.
Sasser.F restarts the computer automatically when it attempts to exploit the already mentioned vulnerability.
Sasser.F only spreads automatically to Windows XP/2000 computers. However, computers with other Windows operating systems can also be a source of transmission when a malicious user runs the file containing the worm in any of these computers.
If you have a Windows XP/2000 computer, it is highly recommendable to download the security patch for the LSASS vulnerability from the Microsoft website.
Sasser.F is easy to recognize, as it restarts Windows XP/2000 computers when it attempts to affect this computer by exploiting the LSASS vulnerability. When this action is carried out, Sasser.F displays the following message on screen: