Computer Worm Slows Worldwide Traffic

A worm that computer security officials have known about since last
summer virtually halted Internet traffic over the weekend in some parts of
the world.

The worm, reportedly called “Sapphire” or “Slammer,” affected servers
through a well-publicized vulnerability in Microsoft
SQL Server 2000
. Once it attaches to a server it transmits multiple data
requests in a random manner to other addresses on the Internet looking for
more vulnerable servers to infect. Because of the self-replicating nature, it
quickly spread. MSNBC reported that as many as 25,000 servers were
affected. Reuters reported the worm crashed almost all Internet
services in South Korea and slowed systems in Japan, Europe and the United
States. Overall, five of the 13 root nameservers for the Internet were disabled, according to Slashdot.

But last July’s original security advisory about the vulnerability
certainly wasn’t the first
time SQL users were told to patch their systems. Nor was it the only time.
Yet system administrators were still left scrambling over the weekend to
recover from the latest fiasco.

“People need to do a better job about fixing vulnerabilities,” Howard
Schmidt, President Bush’s No. 2 cyber-security adviser, told the Associated Press.

Worse yet, the worm was remarkably similar to the Code Red
worm
, which in July 2001 again plagued Microsoft users that relied on
its now notorious Internet Information Services (IIS) web server.

CERT issued an advisory on Saturday. The patch has been available here from the Microsoft TechNet site for some time now.

News Around the Web