A new worm that targets Microsoft Corp.’s SQL Server database is making the rounds on the Internet, security experts warned last week. “We’re detecting thousands of new compromised systems per hour as this propagates,” says Tim Belcher, CTO at security services company Riptech Inc. The worm is referred to variously as SQLSnake, DoubleTap and DigiSpid.B.Worm.
Experts say it is unlikely to cause widespread damage. A Microsoft spokesman says the worm affects only systems running SQL Server Version 7.0 in which the system administrator password is blank, the default setting for that release.
Microsoft issued a bulletin to enterprise customers after it, too, noticed an increase in the number of attempts to access SQL Servers that have blank passwords. It recommended a series of steps, the first being to make sure no system administrator passwords remain blank. Microsoft is online at http://www.microsoft.com.