New Internet Worm Emerges in the Wake of the Sasser Attack

( [email protected] ) May 19, 2004 07:43 AM EDT

A new internet worm that exploits the same flaw in Microsoft Windows as the Sasser worm as emerged and is turning computers into spam factories.

The Sasser worm, which wreaked havoc around the world on May 1, forced over 18 million computers worldwide into an unstoppable pattern of shutting down and rebooting.

Unlike a virus, does not have to travel through e-mail but can spread by itself to any unprotected computer linked to the Internet. Once infected, the creator of the worm can instruct the program to download and run another program, scan and infect other machines, stop scanning or send spam from a preloaded e-mail template and address list.

Microsoft offers a patch to fix the vulnerability to the worm, which should limit the impact of the worm, according to the anti-virus firm, Sophos. However, Hamish O’Dea, a senior virus researcher from Computer Associate’s Melbourne operation, points out that personal computer users are unlikely to install the patch.

"When Sasser turned up, the worst hit were personal users; corporates are more likely to patch anyway, even if there is no worm. There is no such trend among home users," O'Dea said.

The Bobax worm is still a low-level threat said O’Dea, but precautions are urged as it is exploiting a vulnerability that made it easy to spread.