Microsoft KB Archive/841375

From BetaArchive Wiki
Knowledge Base


A message stating that an instance of SQL Server is vulnerable to virus attacks is logged in the application event log when you install SQL Server 2000 or MSDE 2000 on a computer that is running Windows XP Service Pack 2

Article ID: 841375

Article Last Modified on 11/16/2007


APPLIES TO

  • Microsoft SQL Server 2000 Service Pack 2
  • Microsoft SQL Server 2000 Service Pack 1
  • Microsoft SQL Server 2000 Service Pack 3a
  • Microsoft SQL Server 2000 Desktop Engine
  • Microsoft SQL Server 2000 Desktop Engine
  • Microsoft SQL Server 2000 Desktop Engine (Windows)
  • Microsoft Windows XP Service Pack 2


INTRODUCTION

When you install Microsoft SQL Server 2000 or Microsoft SQL Server Desktop Engine (also known as MSDE 2000) on a computer that is running Microsoft Windows XP Service Pack 2 (SP2), a message is logged in the application event log. The message states that the instance of SQL Server or the instance of SQL Server Desktop Engine is vulnerable to virus attacks.

You may notice this behavior when you perform one of the following tasks:

  • You install Microsoft SQL Server 2000 SP2 or an earlier version of SQL Server 2000 SP2.
  • You install Microsoft MSDE 2000 SP2 or an earlier version of SQL Server Desktop Engine 2000.
  • You apply the Windows XP SP2 to a computer that already has an instance of SQL Server 2000 SP2 or earlier or that is running SQL Server Desktop Engine 2000 SP2 or earlier.


MORE INFORMATION

When you install SQL Server 2000 or SQL Server Desktop Engine 2000 on a computer that is running Windows XP SP2, Windows XP SP2 logs an Information event that is similar to the following in the application log:


Event Type: Information
Event Source: MSSQLSERVER/MSDE
Event Category: None
Event ID: 5400
Date: 5/6/2004
Time: 5:29:24 AM
User: N/A
Computer: <Computer Name>
Description:
You are running a version of Microsoft SQL Server 2000 or Microsoft SQL Server 2000 Desktop Engine (also called MSDE) that has known security vulnerabilities when used in conjunction with this version of Windows. To reduce your computer's vulnerability to certain virus attacks, the TCP/IP and UDP network ports of Microsoft SQL Server 2000, MSDE, or both have been disabled. To enable these ports, you must install a patch, or the most recent service pack for Microsoft SQL Server 2000 or MSDE from http://technet.microsoft.com/en-us/sqlserver/bb331754.aspx

For more information, see Help and Support Center at http://support.microsoft.com.



To help protect your computer, you must install the latest SQL Server 2000 or the latest SQL Server Desktop Engine 2000 service pack.

For additional information about how to obtain latest service pack for SQL Server 2000, click the following article number to view the article in the Microsoft Knowledge Base:

290211 How to obtain the latest SQL Server 2000 service pack


REFERENCES

For information about the SQL Server 2000 Security Tools, visit the following Microsoft Web site:

http://www.microsoft.com/downloads/details.aspx?FamilyId=689832DB-297B-489F-9E87-8FD78AEEE64F




For additional information about the SQL Server tools, click the following article numbers to view the articles in the Microsoft Knowledge Base:

814372 Overview of the SQL 2000 Critical Update Wizard



814461 SQL Server 2000 SQL Check utility




For information about finding and fixing Slammer vulnerabilities, visit the following Microsoft Web site:

http://www.microsoft.com/technet/security/alerts/slammer.mspx



Additional query words: Springboard pre slammer pre-slammer version

Keywords: kbsetup kbsecurity kbinfo KB841375



Send feedback to Microsoft

© Microsoft Corporation. All rights reserved.


Retrieved from ‘https://www.betaarchive.com/wiki/index.php?title=Microsoft_KB_Archive/841375&oldid=334386
the Creative Commons 3.0 ShareAlike (except the Microsoft KB Archive).
Powered by MediaWiki