| When: | Current (pending and recent) Future Past |
|---|---|
| Where: | All Areas WA SA VIC NSW QLD NT ACT TAS |
| Search: |
Internode Advisory #2555 - Details
| Advisory 2555 - Windows 2000/XP LSASS Buffer Overrun Vulnerability (Worm_Sasser.A) | ||
|---|---|---|
| Source |
 |
Other |
| Start | Sat May 1 09:00:00 2004 | |
| End | TBA | |
| Summary | Windows 2000/XP LSASS Buffer Overrun Vulnerability (Worm_Sasser.A) | |
| Services | Unlisted | |
| Areas | Australia | |
| Details | There is a new Windows exploit
affecting Windows 2000/XP users resulting in unstable system
performance and difficulties browsing web pages. Symptoms may include: - Browser hijacking (Internet Explorer) - High CPU usage - Revoked Administrator rights on the local machine - Removal of programs from the All Programs list Internode advises all customers to install all Microsoft Windows Critical updates and to update any virus scanning software. For more information, please visit the following links: -  http://www.microsoft.com/security/incident/sasser.asp- http://securityresponse.symantec.com/avcenter/security/Content/10108.html Important note: Some selective port blocking will be enabled by Internode for a short period, to slow the spread of this issue. UPDATE: 3 May 2004 Internode is now blocking the propagation of the SASSER worm on all LNS and dialup/ISDN Access Server equipment. PADSL and dialup customers will receive the benefit of this block if they logout and login again. The ACL protecting BADSL customers is in-force now. The ACL blocks TCP ports 9996 and 5554. It will be removed on 3 June 2004. | |