|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Lsass.exe causing shutdown in IE.
--On Saturday, May 01, 2004 4:18 PM -0400 Henry Yen <[email protected]> wrote: This affects Win2k too. I had to deal with it earlier today. It was my experience that after the machine rebooted a few times it would stay up and allow you to remove the offending files and processes, and apply the appropriate patches.On Sat, May 01, 2004 at 03:09:12AM -0500, Ejay Hire wrote:We're starting to take calls from users about an LSASS.EXE error causing XP to do the 60 seconds till forced reboot, and the normal blaster mitigation and turning on the ICF isn't fixing it. I've been able to reproduce it on one machine locally. Is anyone else seeing it?Sasser (windows) worm. http://isc.sans.org/diary.php?date=2004-04-30 What I like about this worm is that it's extremely easy to identify hosts on your network that are infected. Just run an nmap scan of your network and look for hosts with TCP port 5554 open. -J -- Jeff Workman | [email protected] | http://www.pimpworks.org
|