A quickly spreading worm attacked Microsoft SQL servers beginning at 0530 GMT on Saturday, significantly disrupting Internet traffic. Although the "Slammer" worm did not carry a destructive payload and only attacked vulnerable Microsoft SQL servers, ISPs reported a dramatic increase in network traffic and associated problems with latency and packet loss. South Korea appeared to have been the hardest hit by the worm, where the networks of Korea Telecom, Hanaro and Dacoom were significantly degraded during the attack. Microsoft said servers running the latest Service Pack 3 for Sequel 2000 were unaffected. Microsoft advised administrators to install the latest patch immediately. Network equipment manufacturers, including Cisco Systems, posted technical advisories warning that the vulnerability potentially could affect other network systems that run on Microsoft operating systems with unpatched versions of SQL Server 2000. Such systems could include IP call managers, converged communications servers, email servers and broadband service managers.
http://www.cert.orghttp://www.cisco.com
http://www.cert.orghttp://www.cisco.com