Published Nov 11, 2004|Updated Apr 16, 2011


Alert level: Severe Detected with Windows Defender Antivirus

Also detected as: W32/Sasser.worm (McAfee) W32.Sasser.Worm (Symantec) WORM_SASSER (Trend Micro) Win32.Sasser (CA) Sasser (F-secure) Sasser (Panda) W32/Sasser (Sophos) W32/Sasser (Norman)

Win32/Sasser is a family of network worms that exploit the Local Security Authority Subsystem Service (LSASS) vulnerability fixed in Microsoft Security Update MS04-011. The worm spreads by randomly scanning IP addresses for vulnerable machines and infecting any that are found.


Latest news