From Volume 80, Number 5 (July 2007)
DOWNLOAD PDF
In January 2003, the Slammer worm hit the Internet. Five of the Internet’s thirteen root-name servers shut down. Three hundred thousand cable modems in Portugal went offline, all of South Korea’s cell phone and Internet services went down, and Continental Airlines cancelled flights from its Newark hub due to its inability to process tickets. It took only six months after the disclosure of a security flaw for a virus writer to write the 376 byte virus. When it unleashed, it took ten minutes to infect ninety percent of vulnerable systems.
The flaw was a buffer overflow in the Microsoft SQL Server 2000 software. Because the code is embedded in other Microsoft products, not all users were even aware that their systems were running a version of SQL Server. Unfortunately, this was a well-known, preventable security flaw. Moreover, Microsoft had released a patch for the flaw exploited by Slammer six months before the attack. Despite the widespread effects, no flood of lawsuits ensued.
80_997