Print

Print


I've mirrored the appropriate patches to the UVM software archive:

http://www.uvm.edu/software/distribution/windows/patches_upgrades/sql2000/

Slammer takes advantage of the following vulnerability:

http://www.microsoft.com/technet/security/bulletin/MS02-039.asp 

Q323875_SQL2000_SP2_en.exe addresses this issue if you have MS SQL Server SP2.

SQL Server SP3 is cummulative and doesn't require installation of previous service packs.

sql2ksp3.exe   ( database components )
sql2kasp3.exe  ( analysis services) 

Enjoy,
--Geoff



----- Original Message ----- 
From: "Geoffrey Duke" <[log in to unmask]>
To: <[log in to unmask]>
Sent: Saturday, January 25, 2003 11:05 AM
Subject: MS SQL Server Security (was Network Issues: 2003-01-25)


> Microsoft's SQL Server security resources:
> 
> http://www.microsoft.com/sql/techinfo/administration/2000/security.asp
> 
> --Geoff
> 
> > We have tracked at least part of the problem to what appears to be an SQL
> > worm attacking on UDP port 1434 which enacted what looks like a DOS attack
> > on the firewall.
>