May 2, 2004 Information Security Advisory

Two weeks ago, Workingarts issued a security warning related to the Microsoft
Security Bulletin MS04-011: Security Update for Microsoft Windows (835732)

Today, a particularly aggressive virus (Sasser) is attacking Windows machines 
around the works that have not fixed the Windows LSASS service vulnerability 
documented in the MS04-011 bulletin.

The new worm is called W32.Sasser.B.Worm

Your computer is probably immune from the attacks if you followed instructions
from the April 14 security warning. 

Systems Affected

Microsoft Windows Operating Systems

Recommendation:

* Update your antivirus signatures
* Download* a removal tool from your favorite antivirus vendor (Norton, Panda,
Trend Micro, Computer Associates, McAfee, etc.)
* Scan your hard drive and follow removal instructions
* If you have not already updated your Windows Operating System, update it at 
http://v4.windowsupdate.microsoft.com/

*: For Example, the Norton antivirus removal tool for the Sasser worm is located 
at http://securityresponse.symantec.com/avcenter/FxSasser.exe

Happy safe computing!


Frederic Martin
www.workingarts.com

PS1: If you want to be removed from this computer security advisory mailing list,
please reply with "remove" in the subject of the message. 
To review archived security warnings, please go to 
http://www.workingarts.com/infosecarchives.html

PS2: Feel free to forward this email to your friends and colleagues, who can 
register to receive these alerts at http://www.workingarts.com/specialoffer.html