Trustworthy Computing Security Update (2)

Q: When will be patches available ?
The vulnerability that is exploited by this virus was first addressed by Microsoft in July of 2002 as security patch MS02-039 and in subsequent patches, most recently MS02-061, which was released in October of 2002. These updates were also included in the recently released SQL Server 2000 Service Pack 3 (SP3). We have created an update to MS02-061 that includes an improved installer as well as recommended fixes that were also released in October as Q317748, found on http://support.microsoft.com/.

Q: Are the patches from last summer sufficient ?
Customers who deployed the SQL Server patch last summer are protected from the Slammer attack but additional defenses against other known exploits appear in the October patch, MS02-061. Microsoft recommends customers deploy the updated MS02-061 immediately. Customers who have already installed MS02-061 from October and the QFE patch Q317748 do not need to install the updated MS02-061. Ideally we recommend that customers download, test and deploy SP3 for SQL Server 2000. SP3 can be found on http://www.microsoft.com/sql.

Q: Why Microsoft re-release MS02-061 ?
MS02-061 was re-released to include an installer that eliminates the need for system administrators to manually configure the files for the patch. The re-released MS02-061 patch also includes a QFE patch Q317748. Both of these changes were made to make it easier for system administrators to configure their systems in line with Microsoft’s commitment to “secure in deployment” as part of the Trustworthy Computing Initiative. The binaries included in the updated MS02-061 are identical to the combination of the original MS02-061 and the Q317748 QFE. Customers who have deployed the original MS02-061 with or without Q317748 are protected from the Slammer virus. Customers who install SQL Server 2000 SP3 do not need to install MS02-061.

Q: What steps should customers take ?
Customers that have deployed SQL Server patches MS02-039, MS02-043, MS02-056 and MS02-061 are protected from the Slammer virus. However, all customers, except those who have already deployed MS02-061 with QFE Q317748 should immediately download and deploy the new version of MS02-061 to protect against additional vulnerabilities. Instructions for downloading and applying these patches are located on http://www.microsoft.com/technet/security. Once those patches are in place, customers should also download SQL Server SP3. Each customer should test SP3 according to their policies and procedures before deployment. Details on SP3 are located on http://www.microsoft.com/sql.

Q: What proactive actions should customers have in place ?
Microsoft recommends that all customers follow at least three general practices to help protect their systems from attack:
· Maintain all systems with the latest patches and service packs available from Microsoft Corporation
· Run anti-virus software with the most current signature files deployed throughout the network.
· Use a firewall to securely manage all Internet access

Q: What other informations is available ?
If you have any ongoing issues, please visit http://www.Microsoft.com/security; contact the Microsoft Anti-Virus hot line at 1-866-PCSAFETY, Microsoft product support or your anti-virus vendor. Microsoft’s support for virus-related issues is, of course, always free. Methods for contacting support can be found at http: http://www.support.microsoft.com.