A new Internet worm that exploits a software vulnerability revealed in Microsoft's April 2004 monthly security patch is threatening to become the next high-volume attack on Windows-based systems. Security experts warn that the Sasser worm could affect millions of Windows computers by the time it peaks sometime today because these types of attacks typically pick up steam when the workweek begins.
The Sasser worm spreads across the Internet, seeking unpatched systems running Windows Server 2003, Windows XP, and Windows 2000. Infected systems reboot several times and attempt to replicate the worm to other nearby networked systems. The worm doesn't delete any user data or perform any other dangerous actions, however.
Currently, systems in South Korea have been the hardest hit because of that country's density of high-speed connections but security experts expect North America and Europe to catch up by the time the workweek gets underway. Microsoft says that Sasser can't attack systems running a firewall. The company advises users who have infected systems to update to the most recent security patches to counteract the worm and stay protected going forward.