Security time bomb is triggered by 'rogue laptops'
News The LSASS vulnerability, which Microsoft patched in April, is still causing a nuisance because there are so many unpatched computers connected to the Internet. Mikko Hyppönen, director of antivirus research at F-Secure, said the popularity of the...
[June 4, 2004, 18:00]
Sasser's heirs spread slowly
News The network-worm part of Lebreat exploits a known Windows flaw in a component called the Local Security Authority Subsystem Service (LSASS), the security company said. The LSASS vulnerability was also used by the Sasser worm, F-Secure said in its...
[July 18, 2005, 9:30]
Sasser.a and Sasser.b: Prevention and cure
News Sasser takes advantage of a buffer-overrun flaw in the Local Security Authority Subsystem (LSASS), which allows an attacker to gain control of infected systems. Meanwhile, it uses TCP port 445 to search random chunks of the Internet for additional...
[May 5, 2004, 12:00]
McAfee Avert Stinger
Downloads psexec; Coreflood.dldr; CoreFlood.dll; CoreFlood.dr; Cutwail; Danmec; DNSChanger.f; Downloader-AUE; Downloader-BAI; Downloader-DN.a; Downloader-DN.b; Downloader-UA; Downloader-ZQ; Exploit-DcomRpc; Exploit-DcomRpc.b; Exploit-DcomRpc.dll; Exploit...
[July 6, 2009, 20:35]
'Blaster-type event' forecast for summer
News That flaw, in a Windows security component known as the Local Security Authority Subsystem Service (LSASS), has been added to an automated attack agent, or bot, known as AgoBot. Symantec confirmed that it has also captured a version of the AgoBot...
[April 29, 2004, 8:30]
Windows component deleted by CA antivirus
News At the heart of the problem is part of Windows' in-built security, a file called Lsass.exe. The cause of the confusion seems to be Lsass.exe being mistaken for the Trojan Win32/Lassrv.B. Some Windows 2003 users have been experiencing problems with...
[September 4, 2006, 15:50]
Saddam used as worm lure
News The worm can spread via email and by using the Microsoft LSASS vulnerability, the same flaw used by the Sasser worm to spread in record time. Photos of a "dead" Saddam Hussein are the lure for a new mass-mailing worm, Sophos warned on Thursday, in...
[February 4, 2005, 8:25]
Symantec upgrades Korgo worm warning
News The Symantec Security Response team advises computer uses to apply the Microsoft LSASS Buffer Overrun Vulnerability patch as soon as possible. Antivirus company Symantec has upgraded the threat warning on the W32.Korgo.F worm affecting Microsoft...
[June 3, 2004, 9:55]
Netsky writers claim credit for Sasser worm
News Stewart accurately predicted that a worm based on the widespread Local Security Authority Subsystem Service, or LSASS, vulnerability would be released Friday or Saturday. The unknown team of programmers who created the latest variant of the Netsky...
[May 4, 2004, 8:35]
New Sasser variant indicates copycat script kiddie
News Kevin Hogan, senior manager at Symantec Security Response, said that even if there are new variants of Sasser or other malware that exploits the Windows LSASS vulnerability, such as the Cycle worm, are unlikely to cause any damage because most...
[May 11, 2004, 17:35]
Fifth Sasser 'released before arrest'
News Please update your computer with the MS04-011 LSASS patch from the www.microsoft.com website Antivirus companies discovered a fifth version of the Sasser variant this weekend, within hours of German police arresting an 18-year-old man who confessed...
[May 11, 2004, 8:35]
Rupert Goodwins' Diary
Blog The maligned file, lsass.exe, is the Local Security Authority Service. Monday 4/9/2006 Cack-handed security can be worse than no security at all. Take today's little message of joy: CA's anti-virus software had a hissy fit and turned on a component...
[September 8, 2006, 18:30]
