The W32.SQLExp.worm has been released into the World Wide Web and has been categorised with a high warning.
Local security specialist AVeS Cyber Security says the Internet worm is rated as `high` only for unpatched systems affecting SQL servers not running SP3. The virus increases traffic on UDP port 1434 and spreads via SQL Server as well as Microsoft Desktop Engine (MSDE) 2000. As such network availability may be affected.
"You should block incoming UDP 1434 at your firewall and download and apply the Service Pack 3, then restart the server. By doing this, the virus will be cleared from the memory and re-infection will be prevented," says Troy Carrick, who forms part of technical support at AVeS Cyber Security.
With SQL and Microsoft Desktop Engine 2000, there are vulnerability patches available through Microsoft. Both McAfee and Symantec have removal tools available.
Protecting a network from fast-spreading viruses requires more than the client-level anti-virus software. True network integrity and content security can only be achieved with a comprehensive and flexible policy-based e-security solution.
Share
Editorial contacts