Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 24

Thread: The Sasser Worm & Symantec's FxSasser.exe..

  1. #11
    Senior Member
    Join Date
    Jan 2003
    Posts
    1,499
    Did you patch the windows box or just the Antivirus ?

  2. #12
    Senior Member
    Join Date
    Jan 2003
    Posts
    1,499
    Did you patch the windows box or just the Antivirus ?

  3. #13
    Antionline's Security Dude instronics's Avatar
    Join Date
    Dec 2002
    Posts
    901
    Just the AV, since the owner of the box does not want to update windows itself via patches.
    Ubuntu-: Means in African : "Im too dumb to use Slackware"

  4. #14
    Antionline's Security Dude instronics's Avatar
    Join Date
    Dec 2002
    Posts
    901
    Just the AV, since the owner of the box does not want to update windows itself via patches.
    Ubuntu-: Means in African : "Im too dumb to use Slackware"

  5. #15
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    Originally posted here by instronics
    Just the AV, since the owner of the box does not want to update windows itself via patches.
    Now there's an accident waiting to happen
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  6. #16
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    Originally posted here by instronics
    Just the AV, since the owner of the box does not want to update windows itself via patches.
    Now there's an accident waiting to happen
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  7. #17
    Antionline's Security Dude instronics's Avatar
    Join Date
    Dec 2002
    Posts
    901
    From what he tells me, the reason is, he has alot of 'copied' software on that box, and installing M$ patches might lock up certain applications etc.... But back to my original question, does anyone know if symantec AV deals with sasser fully?
    Ubuntu-: Means in African : "Im too dumb to use Slackware"

  8. #18
    Antionline's Security Dude instronics's Avatar
    Join Date
    Dec 2002
    Posts
    901
    From what he tells me, the reason is, he has alot of 'copied' software on that box, and installing M$ patches might lock up certain applications etc.... But back to my original question, does anyone know if symantec AV deals with sasser fully?
    Ubuntu-: Means in African : "Im too dumb to use Slackware"

  9. #19
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    I don't think any virusscanner will prevent LSASS from being exploited. It'll probably only prevent the dropping of the files (adserve etc.). So you would be protected from infection by known versions of sasser but if the hole isn't patched anything else could still abuse it.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  10. #20
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    I don't think any virusscanner will prevent LSASS from being exploited. It'll probably only prevent the dropping of the files (adserve etc.). So you would be protected from infection by known versions of sasser but if the hole isn't patched anything else could still abuse it.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •