A "critical" vulnerability has been identified in Microsoft SQL Server. Because this database management system is used by HyperLab, it is highly recommended to immediately update the Microsoft SQL Server to the latest version.
Problem identifier: | "Slammer" worm vulnerability |
Problem level: | CRITICAL. MUST BE IMMEDIATELY FIXED. |
Related products: | All HyperLab 2002 versions |
Related components: | Microsoft Database Engine |
Microsoft Database Engine (a special version of Microsoft SQL Server which is shipped with HyperLab) has a critical security hole if it is not upgraded with at least MSSQL Service Pack 2 (SP2). If you run unpatched version of MSDE 2000 on a network without a properly configured firewall, any attacker from the Internet is able to use your machine to attack other computers, thus generating huge amount of network traffic and infecting other vulnerable MSSQL servers. As a result, no user data loss or file corruption occurs, but networks may become practically unusable due to the increased network traffic.
Please note that you may decide to apply MSDE Service Pack 3 (SP3). This SP3 package may be downloaded from our website as a ZIP file (33 MB). When you have downloaded it, unpack it into an empty folder, and start Apply_HyperLab_MSDE_Patch.bat file.This will also protect your MSDE installation against the Slammer worm.
After installing the SP3 update, MSDE requires you to specify a non-blank password for "sa" (administrator) database user.