[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[RT] [Fwd: my-eTrust.com Virus Alert Notification: Win32/SQLSlammer.Worm]



PureBytes Links

Trading Reference Links

To unsubscribe from this group, send an email to:
realtraders-unsubscribe@xxxxxxxxxxxxxxx

 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 


--- Begin Message ---
To: zaitech.llc@xxxxxxxxxxx
Subject: my-eTrust.com Virus Alert Notification:  Win32/SQLSlammer.Worm
From: notifications@xxxxxxxxxxxxx
Date: Mon, 27 Jan 2003 11:06:50 -0600
Reply-to: notifications@xxxxxxxxxxxxx


 

  
  
    <IMG height=124 alt="my-eTrust.com News" 
      src="" 
      width=114 useMap="" border=0><IMG height=83 alt="my-eTrust.com News" 
      src="" 
      width=526 align=top useMap="" border=0>
  
    
      
        
        
          
            <SPAN 
            class=418520301-01102002>Virus Alert 
            Notification
            <SPAN 
            class=418520301-01102002> 
            <SPAN 
            class=315494913-10092001><SPAN 
            class=418520301-01102002>Win32/SQLSlammer.Worm 
            
            <SPAN 
            class=315494913-10092001><SPAN 
            class=418520301-01102002>Attention Users of MS SQL Server 
            2000 <FONT 
            size=2>
            Win32/SQLSlammer.Worm exploits a buffer 
            overrun security vulnerability in Microsoft SQL Server 2000 and 
            Microsoft Desktop Engine 2000. The exploit is present in the SSRS 
            (SQL Server Resolution Service) which uses UDP port 1434.
            The worm does not infect files and does not send out 
            any e-mail. It exists only in the memory of the successfully 
            exploited system. Therefore, there is no file based anti-virus 
            signature available to detect this worm. 
            The worm scans randomly generated IP addresses for vulnerable 
            systems and sends out numerous UDP packets, which may effectively 
            cause a denial of service attack on the infected network.
            Customers are strongly advised to block UDP port 1434 and apply 
            the relevant patch from Microsoft.
            Microsoft described the exploited vulnerability in Security 
            Bulletin MS02-039:
            Buffer Overruns in SQL Server 2000 Resolution Service Could 
            Enable Code Execution (Q323875)
            To download the patch:
            <A 
            href="">http://www.microsoft.com/Downloads/Release.asp?ReleaseID=40602 
            
            If the server is not up to date, the cumulative patch can be 
            found here:
            <A 
            href="">http://www.microsoft.com/technet/security/bulletin/MS02-061.asp 
            
            Installing Service Pack 3 for SQL Server 2000 will also fix the 
            vulnerability:
            <A 
            href="">http://www.microsoft.com/sql/downloads/2000/sp3.asp 
            
            For more information on the relevant SQL Server overflow 
            vulnerabilities, please check:
            <A 
            href="">http://www.kb.cert.org/vuls/id/399260<A 
            href="">http://www.kb.cert.org/vuls/id/484891 
            
            
            

            <P class=MsoNormal 
            >  <FONT face=Verdana 
            color=#000000 size=2><SPAN 
            > <FONT 
            face=Verdana size=2>A<SPAN 
            class=315494913-10092001>dditional 
            Information<FONT 
            face=Verdana size=2><SPAN 
            > on 
            viruses, worms, and trojans can be found<SPAN 
            >  in our virus 
            encyclopedia:<SPAN 
            >  
            <SPAN 
            ><A 
            href=""><FONT 
            face=Verdana 
            color=#800080>http://www.my-eTrust.com/products/encyclopedia<FONT 
            face=Verdana color=#000000> and on our Virus Alerts page: <A 
            href=""><FONT 
            face=Verdana 
            color=#800080>http://www.my-eTrust.com/products/virusalerts<?xml:namespace 
            prefix = o ns = "urn:schemas-microsoft-com:office:office" /> 
            
            <FONT 
            face="Verdana, Arial, Helvetica,

sans-serif" 
            color=#66cc00 size=2>Feedback? Comments? Suggestions? 
            You can fill out our online contact forms 
            at: <FONT 
            color=#800080>http://www.my-eTrust.com/contact/ 
            <FONT 
            face=Verdana color=#000000 size=2><SPAN 
            ><FONT 
            face=Verdana color=#000080 size=2><SPAN 
            class=315494913-10092001>Note:<FONT 
            face=Verdana color=navy><SPAN 
            ><SPAN 
            >  This 
            address should be used only for feedback on this 
            <FONT 
            color=#000000><SPAN 
            >newsletter.<SPAN 
            >  <SPAN 
            >If you encounter any <SPAN 
            >problems or you 
            require assistance, please visit the support area of our 
            website: <SPAN 
            ><A 
            href=""><FONT face=Verdana 
            color=#800080 
            size=2>http://www.my-eTrust.com/services/
             
            <A 
            href="" target=_blank><IMG 
            src="" 
            border=0> <IMG 
            src="" 
            border=0>UnsubscribeYou have received this email 
            because you chose to receive virus signature update notifications as 
            a registered user of my-eTrust software. If you would like to change 
            your personal options, please <A 
            href=""><FONT 
            color=#663399>click 
        here.
  
    <IMG height=42 
      src="" 
      width=640 useMap="" border=0>


--- End Message ---