Worm targets SQL Server

A new worm that targets Microsoft Corp.’s SQL Server database is making the rounds on the Internet, security experts warned last week. “We’re detecting thousands of new compromised systems per hour as this propagates,” says Tim Belcher, CTO at security services company Riptech Inc. The worm is referred to variously as SQLSnake, DoubleTap and DigiSpid.B.Worm.

Experts say it is unlikely to cause widespread damage. A Microsoft spokesman says the worm affects only systems running SQL Server Version 7.0 in which the system administrator password is blank, the default setting for that release.

Microsoft issued a bulletin to enterprise customers after it, too, noticed an increase in the number of attempts to access SQL Servers that have blank passwords. It recommended a series of steps, the first being to make sure no system administrator passwords remain blank. Microsoft is online at http://www.microsoft.com.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now