Monday, May 03, 2004 #

Sasser Worm is in the wild

As reported last month on Patch Tuesday (4/13), the sheer number of patches released by Microsoft on that day boded poorly for those who did not patch their systems as soon as possible. We suspected that hackers and script kiddies would be quick to pounce on these vulnerabilities, knowing that not everyone would be protected. Rudi Larno has a BLog entry on the Sasser Worm (W32.Sasser.Worm), with links to some of what it's already done, and a few things you can do to protect your system (if it's not too late) while you go get and apply the patches.

Updates:
Michael Howard reports why Windows Server 2003 is not affected. Isn't it time you considered upgrading your servers?

Jonathan Hardwick reports where to get a Sasser removal tool, among other things, including the official Microsoft incident page for Sasser.

Tristan K. explanation of how to block port 445 using IPSec policies.

Bob Baker

posted @ Monday, May 03, 2004 7:05 PM | Feedback (0)

Install or Re-Install the Microsoft Java Virtual Machine

Back in January of 2004, Jim Byrd put together a great all-in-one posting to the microsoft.public.windowsupdate UseNet newsgroup about installing or re-installing the Microsoft Java Virtual Machine. Now that Microsoft and Sun are patching things up, we should see some better support for the VM shortly. In the meantime, for those of you who have broken Java applets as a result of installing Windows XP Service Pack 1a (or for whatever other reason), and are trying to use the Sun Microsystems Java Runtime Environment (JRE) in its place unsuccessfully, I have put together a step-by-step job aid document with links to the required files which can be reached here. I have copied all of the required files here on my server in case any of the original links from the archived newsgroup posting are no longer available.

Bob Baker

posted @ Monday, May 03, 2004 1:46 PM | Feedback (0)