[tforum] RE: [ALL-MANAGERS:1230] Some additional notes for Univ administrators re: SQL worm

Steve Scott sscott@iso.utah.edu
Sat, 25 Jan 2003 19:27:01 -0700


> Previous MS Service Packs are vulnerable without the stand alone
patch.
>  From all reports, the worm only affects SQL Server 2000.  The worm
does
> not affect previous versions of MS SQL Server.  The worm also affects
MS
> SQL Desktop Engine 2000 (MSDE).
 
Please be aware that SQL Desktop Engine 2000 (MSDE) is installed as part
of:
* SQL Server 2000 (Developer, Standard, and Enterprise Editions)
* Visual Studio .NET (Architect, Developer, and Professional Editions)
* ASP.NET Web Matrix Tool
* Office XP (various versions)
* MSDN (various subscription levels)
* Access 2002 
* Visual FoxPro 7.0/8.0 

Joe, thanks for the great synopsis.  A huge thanks to everyone that
worked to contain this worm.

Steve
 
Steve Scott
University of Utah
Institutional Security Office
(801)556-6925
steven.scott@utah.edu