Article ID: 813115 - View products that this article applies to.
This article has been archived. It is offered "as is" and will no longer be updated.
A denial of service may occur in an Application Center 2000 (AC2000) cluster if members become infected with the W32.Slammer worm because of a vulnerability in the Microsoft SQL Server Desktop Engine (MSDE 2000).
The W32.Slammer worm causes a denial of service because it floods the network with UDP packets over port 1434.
Service pack informationApplication Center 2000 Service Pack 2 contains MSDE Service Pack 3a, which includes all the security patches that are available at the time of release. To resolve this problem, obtain the latest service pack for Application Center 2000. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/309384/ )How to obtain the latest Application Center 2000 service pack
Hotfix informationImportant Application Center Server 2000 uses a specialized version of MSDE 2000. These instructions are for Application Center Server 2000 only.
Important If your AC2000 systems are currently infected with W32.Slammer or are connected to a network that may have other systems infected with W32.Slammer, please download the SQL Critical Update hotfix which is part of the SQL Security Tools available from the following Microsoft Web site:
http://www.microsoft.com/downloads/details.aspx?FamilyId=9552D43B-04EB-4AF9-9E24-6CDE4D933600&displaylang=enRun the appropriate sqlhotfixpkg on your AC2000 systems before proceeding with the instructions below. Applying sqlhotfixpkg will NOT upgrade your system to MSDE Service Pack 2 (SP2), nor will it permit you to apply the post SP2 MSDE security bulletins that address vulnerabilities other than W32.Slammer, nor will it allow you to apply any security bulletins that may be released in the future.
For this reason we recommend that you complete the MSDE SP2 upgrade and Microsoft Security Bulletin MS02-061 (MS02-061) security rollup fix as described in this document.
Important The procedures below will render your Application Center 2000 systems vulnerable to the W32.Slammer worm while you are applying the upgrade and fix. You should have all the resources you need to complete the upgrade available locally on the server and then disconnect the server from the network while you upgrade to MSDE SP2 and MS02-061.
Important Your Application Center Servers must be at Application Center 2000 Service Pack 1 (SP1) in order to apply the procedures below. You can get SP1 from the following Microsoft Web site:
http://technet.microsoft.com/en-us/library/bb734926.aspxImportant MSDE SP2, otherwise known as OFE813058.EXE, has been re-issued with this revision of this document. The first version of QFE813058.EXE was incompatible with MS02-061. If you downloaded and applied QFE813058.EXE before you downloaded this document, you should follow the “Installation instructions for systems that have had QFE813058.EXE applied already”. If you have any doubt about what version of QFE813058.EXE you have applied you should also follow the “Installation instructions for systems that have had QFE813058.EXE applied already” as they will work with either version of QFE813058.exe
To resolve this problem, you must obtain the following fixes:
Important If you see dialog boxes that notify you of problems running SQL scripts during the upgrade process, see the following article in the Microsoft Knowledge base:
(http://support.microsoft.com/kb/814022/ )Application Center 2000 MSDE SP2 upgrade displays "Unable to run SQL Script" or MS02-061 displays "Error running SQL Script" dialog box
For single member clusters that have NOT had QFE813058.EXE applied already
For clusters with more than one member that have NOT had QFE813058.EXE applied already
For any Application Center 2000 servers that have had QFE813058.EXE applied already
To work around this problem in cases where you cannot obtain the SQL Critical Update, disable and stop MSDE 2000 all members:
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.