Sasser Worm

What Does Sasser Worm Mean?

A Sasser worm is a computer worm mainly targeting computers running Microsoft OSs such as Windows XP and Windows 2000. Sasser worm transmits by exploiting a vulnerable network port. This worm can easily spread out from one computer to another without user interference.


Sasser worm was first discovered in April 2004. It belongs to a family of self executing worms known as W32.Sasser.

Techopedia Explains Sasser Worm

The Sasser worm was written by a German computer science student named Sven Jaschan. The worm was first noticed when it exploited a buffer overrun in a process called local security authority subsystem service (LSASS), which enforces security policies on the system. It has the ability spread to many computers rapidly. Sasser worm uses the TCP port number 445 to attack a computer. (Though some Microsoft researchers also claim it may use port 139).

Within a short time, the variants Sasser-A, Sasser-B and Sasser-C were found to be affecting hundreds of computers around the world.

The W32.Sasser family of worms can also run on computers running Windows 95, 98 and Me OSs. On some systems the worm may cause LSASS.EXE to crash, resulting in a system reboot.


Related Terms

Latest Cybersecurity Terms

Related Reading

Margaret Rouse

Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical, business audience. Over the past twenty years her explanations have appeared on TechTarget websites and she's been cited as an authority in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine and Discovery Magazine.Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages. If you have a suggestion for a new definition or how to improve a technical explanation, please email Margaret or contact her…