I'm a new member. I was told about this site after letting a buddy of mine know how ticked I was about Microsoft's handling of the Sasser situation.
I was one of the first to be affected. Trying to find out what was going on, I found out about the LSA problem. Over the weekend, I started researching about other users with simmilar problems, and how they were dealing with it. My search discovered some facts that I knew and a few that I didn't. Virus software (I run both AVG and McAfee VirusScan w/ firewall) could not detect the worm initially, and trying to contact MS about the problem was very problematic. I rooted around Microsoft's site to find the right patch and failed. It was a link on a bulliten board (not Microsoft) that I was able to find the patch.
Here's my gripe: Microsoft released an anouncment that there was a security hole in LSA in the middle of April. When Sasser hit at the end of April, it attacked the very hole that Microsoft released. Why not wait until they fixed the problem <i>before</i> they let the hacks know about it??? The way they handled it, it almost seemed like they invited Sasser to happen.
Maybe I'm missing something...