[Full-Disclosure] Re: New LSASS-based worm finally here (Sasser)
Jason
security at brvenik.com
Tue May 4 03:42:38 BST 2004
Javier Fernandez-Sanguino wrote:
[...]
>
> [1] Approaching the record of worms in other OS, which, I believe, is
> held by Scalper (10 days from patch to worm). But hey, they could browse
> the source changes for that one.
>
It did not attack an OS directly but I believe the witty worm [1] holds
the record to date. A 1 day window from advisory to release, it attacked
and destroyed a security component that was supposed to protect against
these issues...
[1] - http://www.caida.org/analysis/security/witty/
Full-Disclosure is hosted and sponsored by Secunia.