Biography of a Worm

Networks choke on traffic, and crash. Computers reboot continuously, paralyzing banks, airlines, and hospitals. The cause: an attack by a worm named Sasser, which dominated the Internet for five days last May, infecting millions of computers.

Viruses as virulent as Sasser are coming at PC users faster than ever. The first half of 2004 saw a fourfold increase in new Windows viruses over the same period in 2003. With attacks coming from all sides, we examined the system that's supposed to protect us.

Who created Sasser? The short answer is a malicious hacker. But Sasser is also the by-product of the very system that's supposed to protect computer users. The hole Sasser wriggles through was discovered by an employee at a California security firm. And in releasing a patch for the hole, Microsoft supplied hackers worldwide with all the technical data they needed to exploit it. In short, you have to wonder whether this cure is worse than the disease.

To answer that question--and to examine what's right and what's wrong with the patch system--we followed Sasser's trail.
