Exploit blocked

Hi all!

Sometime, when I surf the net, my Avast says me that an exploit attack has been blocked…

21.09.2006 11:34:17 LSASS Exploit (SXP) attack
from 23.244.113.195:445
21.10.2006 13:21:52 LSASS Exploit (SXP) attack
from 23.244.118.85:445
21.10.2006 14:08:48 LSASS Exploit (SXP) attack
from 23.244.117.139:445
21.10.2006 14:10:52 LSASS Exploit (SXP) attack
from 23.244.117.139:445
21.10.2006 14:49:13 LSASS Exploit (SXP) attack
from 23.244.117.139:445
21.10.2006 15:57:23 LSASS Exploit (SXP) attack
from 23.244.117.139:445
21.10.2006 16:10:44 LSASS Exploit (SXP) attack
from 23.244.117.139:445
21.10.2006 16:13:26 LSASS Exploit (SXP) attack
from 23.244.117.139:445
21.10.2006 16:17:37 LSASS Exploit (SXP) attack
from 23.244.117.139:445
21.10.2006 16:27:07 LSASS Exploit (SXP) attack
from 23.244.117.139:445

What can I do?? What is this exploit?

Oh, I have the 4.7 Home Edition Version, updated with the latest VPS

It is a exploit detected 2 years ago in LSASS file. This vulberability is exploited by the W32. Sasser worm. But dont worry if you have your computer with the latest updates you will not have problem. Also as AVast stated the exploit is blocked. I recomend that you use a firewall( not necessarly the Windows one).

Network Shield protects you from internet worms that spread themselves via various security holes in your system. Typicaly these kind of viruses don’t infect files but instead they attack running processes on your PC (either Windows components or some server programs like SQL Server, IIS etc.). These kind of attacks are not easily catched by ordinary antivirus during file or mail scanning. It is not a duplicate work with Standard Shield.

Basically, it covers all Internet worms. Such as Win32.CodeRed, Win32.SQLSlammer, Win32.Blaster, in32.Welchia (Nachi) and Win32.Sasser.

Your operational system is not updated :stuck_out_tongue:
Your firewall (if any) is not working :stuck_out_tongue:

Why do you think so?
I mean, it can be true, but I don’t see any evidence about it from the information given :wink:

These attacks are generally related to the problems I’ve posted ::slight_smile:

The attacker doesn’t know if the system being attached is up to date or not, or if the firewall is working, it is a speculative attack, hoping that a) the firewall doesn’t block the attack b) the OS is not up to date. The fact that this attack is detected doesn’t mean either of the above (a or b) is true.