Bill Gates must be livid. Just after he publishes an e-mail letter to customers outlining Microsoft's progress on its Trustworthy Computing initiative, the SQL Slammer worm--376 bytes of code also known as Sapphire, w32.SQLexp.worm, and Helkern--exploits known vulnerabilities in Microsoft SQL 2000 servers. It creates a global Internet slowdown and another embarrassment for the chairman of the world's most powerful software company. And to top it off, Microsoft's own servers were Slammed.
The worst part is that a patch for the vulnerability exploited by the Slammer worm was issued last summer and was included in the latest service pack for Microsoft SQL Server 2000. In fact, the majority of successful hacks come as a result of an exploitation of a known vulnerability. In failing to apply the updates to some of its servers, Microsoft didn't follow its own security polices. Gates, Ballmer and the other Microsoft execs are probably still cooling down, trying to avoid strangling the company's system administrators.
News source: ZDNet
