Analysis of Windows 9x and ME impactsThe bottom line is that there are none other than someone copying the actual infected code to a Windows 98 PC and launching it.
Symantec retracted this on the "D" variant as it's now found on the "A", "B", and "C" variants. Other AV vendors aren't reporting this but I've affirmed the potential with McAfee. Thankfully it is a REMOTE and potentially RARE issue.
While Sasser can run on W/9x as a Win32 process, it must be MANUALLY copied by the user. So far I'm not aware of any automatic injections of the Sasser worm Win32 code as a "process" into W/9x workstations.
This is most likely a minor issue, and the threads here if there is any "Sasser and W/9x impacts" news http://www.symantec.com/avcenter/venc/data...asser.worm.htmlhttp://www.symantec.com/avcenter/venc/data...ser.b.worm.htmlhttp://www.symantec.com/avcenter/venc/data...ser.c.worm.html
W32.Sasser.C.Worm can run on (but not infect) Windows 95/98*Grinler computers. Although these operating systems cannot be infected, they can still be used to infect vulnerable systems that they are able to connect to. In this case, the worm will waste a lot of resources so that programs cannot run properly, including our removal tool. (On Windows 95/98*Grinler computers, the tool should be run in Safe mode.)