Top ASP 101 Stories Getting Scripts to Run on a Schedule The Top 10 ASP Links @ Microsoft.com What is Adovbs.inc and Why Do I Need It? QUICK TIP: Start Optimizing Where It Matters Most Show All Tips >>  ASP 101 Updates

The "Slammer" Worm - Are You Patched?

Overview

While it's not strictly ASP news... the worm is affecting businesses large and small:

The "Slammer" virus is an Internet worm targeting un-patched Microsoft SQL Server 2000 and MSDE 2000 systems resulting in a high volume of network traffic on both the Internet and private internal networks.

A patch resolving the vulnerability has been available for some time and yet many systems remain vulnerable. If you're running SQL Server or any version of MSDE, make sure you patch it immediately to avoid becoming the next victim of the "Slammer."

And don't think just because you're not running a SQL Server you're not vulnerable... MSDE ships with a wide variety of products (some of which install it by default) including:

• .NET Framework SDK
• ASP.NET Web Matrix
• Office XP Premium, Professional, Developer
• BizTalk Server 2002 Partner Edition
• Host Integration Server 2000
• Project Server 2002
• Small Business Server 2000
• SQL Server 2000, Enterprise Edition, Developer Edition, Personal Edition
• Visio Enterprise Network Tools
• Visual FoxPro 7.0 and 8.0 beta
• Visual Studio .NET 2002 Professional, Enterprise Developer, and Enterprise Architect editions
• Visual Basic .NET Standard 2002, Visual C++ .NET Standard 2002, Visual C# .NET Standard 2002
• Windows Enterprise Server 2003 RC1, only if UDDI is enabled
• Windows Server 2003 RC1, only if UDDI is enabled
• Application Center 2000 RTM, SP1, SP2
• Operations Manager 2000 RTM, SP1
• ... and more...

More Information

Here are the three main "entry" pages into Microsoft's site that I've found where you can find more information on the "Slammer" virus:

• Critical Update for Microsoft .NET Framework SDK Users from Microsoft's .NET Framework Page
• Customer Update on the "Slammer" Attack from Microsoft's Security & Privacy Page
• "Slammer" Worm Special Bulletin from Microsoft for Partners Page

If you run across a page not found from one of these links or something especially useful or interesting let me know and I'll link to it here.

Update: Free Tool for Identifying Vulnerable SQL Servers

One of our readers sent me some info on a free tool being provided to help system administrators identify systems which are vulnerable to the Slammer virus.

eEye is offering a free tool that scans network machines and detects if any are vulnerable to the SQL Sapphire/Slammer Internet worm currently circulating worldwide. The tool allows administrators to quickly identify SQL servers that do not contain the patch needed to protect from the worm, and it provides information on where to locate the patch from Microsoft.

The free Retina Sapphire SQL Worm Scanner can be found by visiting: http://www.eeye.com/html/Research/Tools/SapphireSQL.html

Thanks go out to Gary Sacks for letting me know about the tool.