Microsoft releases anti-Slammer tools

The software tools, posted on Microsoft's Web site, give systems administrators a way to check the company's SQL Server 2000 database for the Slammer worm and to address vulnerabilities. The fixes focus on versions of the database that run on network servers and on another version, called SQL Server Desktop Engine, that runs on desktop PCs.

SQL Server Desktop Engine 2000 is used by Microsoft and third-party software developers as a database server embedded in other applications. Microsoft offers it as an alternative file store for Office XP applications and for its Visual Studio.Net programming application.

The Slammer virus, which struck Jan. 25, exploited a flaw in the SQL Server database and caused an estimated $1 billion in damage in the first five days as it rapidly spread around the globe.

Microsoft has made the utilities available now as first takes and plans to update them. The tools are a follow-on to the patches Microsoft made available before Slammer hit.

The three new tools are these:

• SQL Server 2000 SQL Scan Tool, which scans a network to identify instances of SQL Server 2000 and SQL Server Desktop Engine 2000 that may be vulnerable to Slammer. The utility inspects computers running the Windows 2000, Windows NT 4.0 or Windows XP operating systems. The tool itself runs on Windows 2000 or later versions.

• SQL Check, which scans an individual computer to see whether an instance of SQL Server 2000 or SQL Server Desktop Engine 2000 is vulnerable to the Slammer worm. On computers running Windows NT 4.0, Windows 2000 and Windows XP, the utility stops and disables the affected database services. On computers running Windows 98 and Windows ME, it merely identifies vulnerable spots.

• SQL Critical Update, which scans individual computers running both the server and desktop versions of SQL Server for the Slammer worm and updates the affected files.