Got this from my Microsoft TAM and wanted to share it with everyone before they get hit:
All,
Last week you were alerted to the presence of malicious code that sought
to exploit vulnerabilities addressed as part of our April security
updates. We continue to encourage you to apply Microsoft Security
Bulletin MS04-011 as we feel this is the best course of action.
- Microsoft has been made aware of a worm identified as
"W32.Sasser.worm" and it is currently circulating on the Internet. The
worm exploits the Local Security Authority Subsystem Service (LSASS)
vulnerability fixed in Microsoft Security Update MS04-011 on April 13,
2004.
- Microsoft encourages customers to protect themselves against this
worm by installing Microsoft Security Bulletin MS04-011
<www.microsoft.com/technet/security/bulletin/ms04-011.mspx> immediately.
- Customers who have enabled the Windows XP Firewall are protected from
the vector this worm attacks, which is TCP Port 139. Most third party
firewalls also block this attack vector by default.
You can also view additional information on W32.SASSER at
http://www.microsoft.com/security/incident/sasser.asp
All,
Last week you were alerted to the presence of malicious code that sought
to exploit vulnerabilities addressed as part of our April security
updates. We continue to encourage you to apply Microsoft Security
Bulletin MS04-011 as we feel this is the best course of action.
- Microsoft has been made aware of a worm identified as
"W32.Sasser.worm" and it is currently circulating on the Internet. The
worm exploits the Local Security Authority Subsystem Service (LSASS)
vulnerability fixed in Microsoft Security Update MS04-011 on April 13,
2004.
- Microsoft encourages customers to protect themselves against this
worm by installing Microsoft Security Bulletin MS04-011
<www.microsoft.com/technet/security/bulletin/ms04-011.mspx> immediately.
- Customers who have enabled the Windows XP Firewall are protected from
the vector this worm attacks, which is TCP Port 139. Most third party
firewalls also block this attack vector by default.
You can also view additional information on W32.SASSER at
http://www.microsoft.com/security/incident/sasser.asp
Facebook
Twitter