big alert for new virus like sasser
Some call it bubox, but the analysis of this new worm using the same vulnerabilities of sasser is very early stages. The Internet Storm Center which can give advance warnings based on thousands of firewall logs from all over the world, warns that the worm is scanning port 5000. It thinks this is related to the fact that XP gives the OS information free on that port. It thinks that about 400.000 posts are sending out that kind of infected traffic.
You read it right. There seem to be 400.000 posts infected with a new worm and we have only a very global idea about what it is doing.
Same time, block your port 5000 or watch it on your network. And be sure that it it is patched, your computers and your network. http://patch.skynetblogs.be
Free antivirus http://antivirus.skynetblogs.be
For networkadministrators http://netwerk.skynetblogs.be
Do not wait till tomorrow.