On 25 January, a worm carrying a self-regenerating mechanism quickly moved across the world`s Internet networks and affected computer servers that run Microsoft Windows SQL Server 2000 software.
The servers were impacted due to a known buffer overflow vulnerability in the Microsoft SQL server software. The mechanism replicated itself so quickly and generated massive amounts of traffic, forcing many network service providers to take quick action to contain the spread. These high traffic volumes caused degraded services across the global Internet and corporate networks as network links were congested by the flood of spurious packets, disrupting thousands of other systems worldwide.
UUNET SA`s technical teams identified the industry-wide issue when it started to affect services on Saturday morning, SA time. Steps were taken to exclude the spurious traffic from the network and infected customer servers were identified and isolated while the customers applied the appropriate patch. The network and all systems have been operating normally since these steps were taken on Saturday morning.
"UUNET SA has implemented necessary procedures and precautionary measures to contain the effects of the MS-SQL Server Worm," says Greg Lock, technical director at UUNET SA. "All affected customers are urged to apply the appropriate patches to all copies of Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 as this is the only way to eliminate the worm completely. UUNET SA Network Operations Centre (NOC) will be proactively monitoring the situation throughout the week."
If the Microsoft SQL Server 2000 software issue has affected you, please contact Microsoft or go to the Microsoft Web site and download patches to correct the problem. To access the patches, go to the Microsoft security Web site, http://www.microsoft.com/security.
Look for the "Security Bulletins" column on the right side of the page. Scroll to the bottom of column and click on "Previous Security Bulletins". Look for the appropriate security bulletins for the SQL Server 2000 patches needed.
Share
Editorial contacts