May 02, Computerworld — Worm unleashed that exploits latest Windows security holes,
Microsoft warns. Microsoft Corp. issued an unusual weekend security warning Saturday
that a worm has been unleashed on the Internet taking advantage of a security hole
announced publicly last month. Microsoft once again urged users to install its most recent
critical Windows updates. "Microsoft has verified that the worm exploits the Local Security
Authority Subsystem Service (LSASS) issue addressed in Microsoft Security Update
MS04−011 on April 13, 2004," the company said in an announcement posted yesterday and
updated 3 a.m. PDT this morning, May 2. In its security update, Microsoft included a tool that
checks for system infection by the Sasser worm. Versions of Windows XP and 2000 are
vulnerable, although not XP 64−Bit Edition Version 2003, Microsoft said. Both Symantec
Corp. and Network Associates Inc.'s McAfee antivirus unit currently rate Sasser as medium
risk, while Computer Associates rates it low risk. Trend Micro Inc. says it issued a yellow alert
to its customers. For further information: http://www.microsoft.com/security/incident/sasser.asp11
Source: http://www.computerworld.com/securitytopics/security/virus/story/0,10801,92851,00.html?SKC=news92851