The Sasser worm is spread through a flaw in the Windows 2000 and Windows
XP Operating Systems. The flaw is created by a service that is included
in Windows to allow remote administration (LSASS). The worm attacks
the computer, and then turns the computer into an FTP server that
sends out as many copies of the worm to as many unprotected computers
as possible. The worm then opens another port, #9996 that can be used
for future attacks.
The worm may cause some computers to crash. You will only be able
to use the removal tool below once your computer has been rebooted.
Removing W32.Sasser.X@mm
Download the W32.Sasser.X@mm
removal tool from Symantec.
To email this tutorial, enter an email address in the box above and click the Email this tutorial button. Your default email client will launch and you will be able to customize a message to go along with the tutorial. To print this tutorial, click the Print this tutorial button. A new window will open with a printable version of this web site.
