Microsoft SQL Server 2000 Exploit!

Question

Tekmaven 258 Software Architect

21 Years Ago

Well, if you haven't noticed already, some to most of the internet is down! This is due to an exploit in Microsoft SQL Server SP2 and lower.

A buffer overrun can allow hackers to run code on the SQL Server. This worm, infects an SQL Server and then that SQL Server infects others.

My reccomendation? APPLY SP3!

If you have been infected, these steps should be taken:

1. Stop and DISABLE the MSSql Service, and all related ones
2. Stop and DISABLE IIS (if running)
3. Apply the SP3 Support Pack
4. Restart
5. Start and ENABLE the core MSSql Server (Not the Transaction Coordinator, etc)
6. Change your SA password!
7. Start and ENABLE all other stopped services.

mssql

2 Contributors
2 Replies
874 Views
1 Day Discussion Span
Latest Post 21 Years Ago Latest Post by samaru

samaru 145 a.k.a inscissor

21 Years Ago

We noticed this Saturday morning at work. Something wrong with SQL Server 2000. We didn't think it was going to be that big. I was surprised how big it was when I saw it on the news and heard about it at CNET News.

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

samaru 145 a.k.a inscissor Team Colleague · Answer 1 · 2003-01-27T05:47:23+00:00

Here are instructions from Microsoft and where to download the files for SQL Server 2000 SP3:

http://www.microsoft.com/downloads/details.aspx?FamilyId=9032F608-160A-4537-A2B6-4CB265B80766&displaylang=en