Computer virus Sasser causes havoc worldwide
Discovered on the Internet on Friday night a new virus known as Sasser is causing disruption in homes and businesses from London to Australia.
Thought to have infected between 2,000 and 1m computers worldwide, Sasser spreads directly from the Internet, unlike viruses, which travel through e-mails and attachments.
It exploits a security flaw in recent versions of Microsoft Windows causing the computer to slow down, crash and reboot frequently.
The worm is not thought to cause lasting damage to the hard drive but is extremely inconvenient to users.
Staff at Britain's Maritime and Coastguard Agency were forced to work using pen and paper when a computerised mapping system was brought down by the worm.
Whilst in Taiwan, the postal service reported that Sasser had knocked out around a third of its branch offices’ computer systems.
Government departments and hospitals in Hong Kong were also affected and Reuters reported that, in Germany, the virus struck 300,000 post office computers, preventing staff from issuing cash.
Graham Cluley, senior technology consultant for Oxfordshire-base software security company Sophos, said home users were especially vulnerable.
"They are often not running the latest anti-virus protection, haven't downloaded the latest security patches from Microsoft, and may not be running a personal firewall," he added.
"If you don't have a firewall in place, there is a good chance you will be hit."
He said that an email had also emerged that appeared to be from an anti-virus company and warned people they had been infected with the Sasser worm, but if people opened the attachment their computers would be attacked by a new worm.
Although Microsoft warned customers three weeks ago about the flaw that Sasser exploits - a Windows function called Local Security Authority Subsystem Service - many computer owners had yet to apply the software fix the company released.
The worm can be prevented with a Microsoft security patch which is available, along with a guide to those afflicted, on its website page www.microsoft.com/security.
It is not thought that the worm will cause as much damage as last year's Blaster worm, in part because network operators have become more diligent about applying security fixes.
This time, many operators had updated security on the weekend, before employees returned to work.
Some Internet service providers were also able to filter out traffic generated by the worm.
Stephen Toulouse, a security manager at Microsoft, said four times as many people had downloaded the latest patches as they had fixes before last autumn. He said the company recorded more than 150m successful downloads before the weekend's outbreak.
Microsoft said it was working with the FBI and other law enforcement agencies in an attempt to track down the programmers responsible.
The latest news from virus experts is that a Russian programming team calling itself the Skynet Anti-virus Group is claiming for the worm.
The group is thought to have been behind a number of online attacks.
Sources: BBC Online, Guardian Unlimited
Return to internet news headlines
View Internet News Archive