Sasser worm affects computers in India

By siliconindia   |   Wednesday, 05 May 2004, 19:30 IST
Printer Print Email Email
NEW DELHI: The dreaded Sasser worm that has affected computers across the world has started dogging Indian users to some extent with IT security firms receiving reports of network slowdown. "There is an impact of this worm on India. But there is no formal data available on the extent of the impact. However, a fair amount of customers have been affected," CEO of IT security firm Trend Micro Neeraj Kaushik said. He said the worm which made an appearance on the weekend, is the fourth variant of the worm and it cannot be said when it would become weak or subside. The prevention is to upgrade the systems, run patches. Trend Micro had on Monday issued a `medium risk' alert for a worm that spreads by scanning for random Internet Protocol (IP) addresses. The Worm_SASSER.A has been seen in several countries throughout Europe, Asia and in the US. Trend issued a medium risk alert for Worm_SASSER.A to raise awareness about this worm that spreads by scanning for random IP addresses and exploiting a buffer overrun vulnerability recently reported by Microsoft. Another IT security firm Microworld said it had a customer reporting slowing down of the network due to a possible attack on the system as early as Wednesday last week. "The worm has an impact on India. It is not limited to any geography as the worm attacks Microsoft systems which is there on almost every computer", CEO, Microworld Govind Ramamurthy said. "We have 20-30 complaints of network slowdown but there is no specific detail of the infected PCs", Ramamurthy said adding the best solution is to run the patch Microsoft has released. "Sasser worm is more dangerous than the Blaster worm which appeared a few months ago", he said. According to Sunil Mehta, vice president, Nasscom, there is no specific information as yet on the impact on India. "We do know that Computer Emergency Response Team established by Department of IT had reported a warning recently and rated it as medium severity, while also making available few patches," Mehta pointed out. According to another IT sceurity firm Symantec, the worm spreads by scanning randomly the select IP addresses for vulnerable systems. Sasser, which also struck large US, German and British firms, infects computers by exploiting a flaw in Microsoft Windows Operating System. Once inside, the worm scans the internet for others to attack causing some computers to continually crash and reboot.