Tech moves fast! Stay ahead of the curve with Techopedia!
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
A Sasser worm is a computer worm mainly targeting computers running Microsoft OSs such as Windows XP and Windows 2000. Sasser worm transmits by exploiting a vulnerable network port. This worm can easily spread out from one computer to another without user interference.
Sasser worm was first discovered in April 2004. It belongs to a family of self executing worms known as W32.Sasser.
The Sasser worm was written by a German computer science student named Sven Jaschan. The worm was first noticed when it exploited a buffer overrun in a process called local security authority subsystem service (LSASS), which enforces security policies on the system. It has the ability spread to many computers rapidly. Sasser worm uses the TCP port number 445 to attack a computer. (Though some Microsoft researchers also claim it may use port 139).
Within a short time, the variants Sasser-A, Sasser-B and Sasser-C were found to be affecting hundreds of computers around the world.
The W32.Sasser family of worms can also run on computers running Windows 95, 98 and Me OSs. On some systems the worm may cause LSASS.EXE to crash, resulting in a system reboot.