I've mirrored the appropriate patches to the UVM software archive:

Slammer takes advantage of the following vulnerability: 

Q323875_SQL2000_SP2_en.exe addresses this issue if you have MS SQL Server SP2.

SQL Server SP3 is cummulative and doesn't require installation of previous service packs.

sql2ksp3.exe   ( database components )
sql2kasp3.exe  ( analysis services) 


----- Original Message ----- 
From: "Geoffrey Duke" <[log in to unmask]>
To: <[log in to unmask]>
Sent: Saturday, January 25, 2003 11:05 AM
Subject: MS SQL Server Security (was Network Issues: 2003-01-25)

> Microsoft's SQL Server security resources:
> --Geoff
> > We have tracked at least part of the problem to what appears to be an SQL
> > worm attacking on UDP port 1434 which enacted what looks like a DOS attack
> > on the firewall.