SQL Server Worm devastates Microsoft Corporate networks!

Microsoft itself gets hit (and HARD) by the SQL Server worm!

stan? hellllo? stan???? what's that cr*p again about lazy admins you've been spouting? microsoft can't even protect itself and you're expecting so many others to be able to do so?

"Microsoft's policy of relying on software patches to fix major security flaws was questioned Monday after a series of internal e-mails revealed that the software giant's own network wasn't immune from a worm that struck the Internet last weekend."

"The messages seen by CNET News.com portray a company struggling with a massive infection by the SQL Slammer worm, which inundated many corporate networks Saturday with steady streams of data that downed Internet connections and clogged bandwidth."

"The messages put Microsoft in an awkward position: The company relies on customers to patch security flaws but the events of last weekend show that even it is vulnerable. In this case, Microsoft urged customers to fix a vulnerability in the SQL Server 2000 software, but it apparently hadn't taken its own advice. Moreover, despite its 1-year-old security push, the software giant still had critical servers vulnerable to Internet attacks."

http://news.com.com/2100-1001-982305.html

asj wrote:
>
> i'm sending out one email first thing tomorrow that will sum it all up
> to our IT head (and maybe other people can do the same):
>
> "THANK GOD WE DON'T RUN MICROSOFT SQL SERVER!" *
>
> * add links to the freaking mess SQL server created.
>
> oh, yeah, for those of you wintrolls complaining about lax patches, tell
> that to all those large multinationals that STILL got hit. the point is
> to NOT have to install f*cking MS patches every other freaking weekend!
>
> http://www.cnn.com/2003/TECH/internet/01/26/internet.attack/index.html
>
> "Experts fear Monday could bring new outbreaks of the fast-moving
> computer worm that snarled business and government computers Saturday,
> slowing some corporate systems tothe point of inaccessibility.
>
> "Several companies, including Continental Airlines and Bank of America
> Corp., reported widespread computer problems Saturday.
>
> "Bank of America, one of the nation's largest banks, said many customers
> could not withdraw money from its 13,000 ATMs because of technical
> problems caused by the attack, according to The Associated Press. A
> spokeswoman, Lisa Gagnon, told the AP that the bank restored service to
> nearly all ATMs by late Saturday afternoon and that customers' money and
> personal information had not been at risk.
>
> "Continental said the worm attack led to scattered delays of no more
> than 90 minutes. Spokesman Jeff Walt said Continental's hub at Newark,
> New Jersey, was the most affected, but problems were also reported in
> Houston, Texas, and Cleveland, Ohio.
>
> asj wrote:
> >
> > two side by side headlines in cnn.com:
> >
> > gates (again!) promising greater security for microsoft products, AND a
> > headline on the new SQL Server worm wreaking havoc on Microsoft SQL
> > server 2000 users. no wonder we use oracle and apache instead.
> >
> > side by side pic:
> > http://www.blueboard.com/temp/news_headlines.gif
> >
> > stories:
> >
> > SQL Server 2000 Devastation:
> > http://www.cnn.com/2003/TECH/internet/01/25/internet.attack.ap/index.html
> >
> > Security (or non-security) of microsoft products:
> > http://www.cnn.com/2003/TECH/biztech/01/25/microsoft.security.ap/index.html
Received on Mon Jan 27 2003 - 22:33:35 CST