SQL attacks could be resumed today?

[Julio Franco]

We reported a few days ago about a SQL worm that could have a serious impact on internet traffic. While everything remained calmed for us during the weekend, I did notice a few of my favourite sites went down, something that probably has got a lot to do with this worm.

Winbeta.org suggests that the worm still is around and a new attack is expected today...

Experts are warning that a malicious computer code which disrupted the internet may resume its attacks on Monday.
In South Korea, which was badly affected by the attack, systems engineers are racing to repair internet networks amid fears Monday would bring new outbreaks as businesses switch on their computers for the new working week.

The problem is not completely resolved and we will have to have more of a sense of the importance of security. The South Korean Information Minister, Lee Sang-Chul, said he believed the problem was hiding, rather than fully resolved.

Computer experts said the code, known as a worm, had affected nearly a quarter of a million computers worldwide on Saturday.

 

[poertner_1274]

Yes our school got hit pretty hard by this new worm. Messed up quite a bit of your e-mail system. Let's just hope they got it all straightened out.
These types of things can be devastating for any company or business using the internet.

 

[Phantasm66]

More news here.

As I noted in another post, the application of service pack 3 for SQL Server should protect you from this problem.

 

[poertner_1274]

Well this is what pisses me off. How hard is it for a "technician" to keep up with the security updates? I mean, that is part of your job, and if it could have been prevented with a simple SP3 update, then why didn't they do it? Just seems silly to me.

What makes it even worse is that we are a VERY technical school and I figure something like this would be a daily routine.....I guess not.

 

[SNGX1275]

Poert - it wasn't our school necessarly that mucked up, if you read that e-mail CIS sent out its basically saying that its the people running their own SQL servers on University connections that caused all the problem. The university servers were patched.

 

[poertner_1274]

I usually don't read the whole email form campus as it is usually a bunch of crap that I don't care about. I just read enough saying that their mail servers were getting bombed and having SQL problems. I guess I read too much into it, but I am sure there are still companies, schools, etc that have not installed the latest patches.

Thank you for the clarification though Dave.

 

[Phantasm66]

Heheh even Microsoft had not applied service pack 3 to some of its own servers! Hehehe!

But seriously, if you are doing some serious datawarehousing with an sql server, you get complaints from all over the place when you apply a service pack and reboot it. Some people prefer to try and wait till some quieter time. Thusly the problem.

I've made sure our servers at work get patched. And I tested the patch on my own home machine which runs sql server 2000.