Edit Virus Alert

Panda Software Announces Computer Virus RED ALERT as Sasser worms could affect as many as 300 million computers worldwide ➢ Sasser.D is the latest of the new variants of the worm that continue to appear and all indications are that it is the most virulent ➢ As companies return to work after the weekend, the number of infections could dramatically increase ➢ Given the seriousness of the situation, Panda Software has raised the virus alert status to red ➢ The creators of the new Netsky.AC worm - detected a few hours ago- have claimed responsibility for Sasser ➢ To ensure they are protected, users should install the Microsoft patch that corrects the vulnerability exploited by Sasser Glendale, CA - May 3, 2004 - The number of computers affected by the Sasser worm continues to rise, and the situation looks set to worsen as companies return to work after the weekend. Luis Corrons, head of PandaLabs warns of the threat, “Bear in mind that some 300 million computers worldwide are vulnerable to attack by the Sasser worm, which gives an idea of the potential scale of the threat. New variants are also likely to emerge and for this reason, even though we launched a pre-alert at the weekend, we have now declared a red alert.” The Sasser worms are particularly dangerous for corporate environments as they can spread across networks in a matter of seconds. Both the French Stock Exchange and the France Presse news agency have fallen victim to this new malicious code and their communications were affected on Saturday. The situation appears to be even more serious as the creators of the worm are coordinating the continuous launch of new variants in order to increase the probability of infection. PandaLabs has now detected the presence of Sasser.D as well as Sasser.C, which can launch up to 1024 process in memory, making it potentially far more virulent than its predecessors. The appearance of the new Sasser worms is seemingly directly linked to the wave of viruses blighting the Internet over the last few months. PandaLabs has also detected the new Netsky.AC worm, which like its predecessors contains a message hidden inside its code. On this occasion however, there are no insulting messages to the authors of other worms such as Bagle or Mydoom, but instead a message directed at antivirus vendors. The message claims that the authors are also responsible for the Sasser worms: Hey, av firms, do you know that we have programmed the sasser virus?!?. Yeah thats true! Why do you have named it sasser? A Tip: Compare the FTP- Server code with the one from Skynet.V!!! LooL! We are the Skynet...' Here is an part of the sasser sourcecode you named so, lol Given the serious nature of the situation, Panda Software has made its PQRemove utility available, free of charge, to all users to detect and eliminate the viruses here: http://www.pandasoftware.com/download/utilities/ Panda Software informs users that the new worm can be detected and disinfected with an up-to-date antivirus, but it is important to install the Microsoft patch to ensure that Sasser.A doesn’t re-infect computers. The vulnerability exploited by this worm was reported by Microsoft recently in bulletin MS04-011 (http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx), along with the patch. Panda Software has made the updates necessary to its products available to clients. More information about these and other IT threats is available from: http://www.pandasoftware.com/virus_info/encyclopedia/ Panda Software’s online support center also offers help to users at: http://www.pandasoftware.com/support/ Panda Software clients can update their antivirus through the applications installed on their computers. Users can also scan and disinfect their computers using Panda ActiveScan, the free, online scanner available from: www.pandasoftware.com. About PandaLabs On receiving a possibly infected file, Panda Software's technical staff gets straight to work. The file is analyzed and depending on the type, the action taken may include: disassembly, macro scanning, code analysis etc. If the file does in fact contain a new virus, the disinfection and detection routines are prepared and quickly distributed to users. For more information: Alan Wallace [pic][pic][pic][pic][pic][pic]