RE: 19 Year Old German Created SASSER WORM
Finding the exploit in lsass.exe (listens on port 445, Windows File and Printer sharing server) is the hard bit. Since every XP (2000 too possibly) machine out there listens on that port, it meant that some 200 million computers were vulnerable.
Writing the virus that exploited it, etc, wasn't the hard bit.
And I believe your computer restarted sometimes because the buffer overflow occasionally crashed lsass.exe.
The previous sentence is false. The following sentence is true.
|