Enterprise Security Manager™ Response for W32.SQLExp.Worm

Enterprise Security Manager Security Response policies
01/25/2003
Symantec Enterprise Security Manager (ESM) response policies are configured by members of the Symantec Security Response team to respond to recent security incidents and newly-detected security vulnerabilities without waiting for scheduled module Security Update releases.

This policy has been updated to detect Microsoft SQL Server 2000 installations running on Windows 2000, Windows NT 4.0, and Windows XP systems that are vulnerable to the W32.SQLExp.Worm.

Download the ESM Response Policy

Important Note: This policy will only work properly on ESM agents running SU12 and later. It will not work properly on agents using older ESM SU versions. An agent’s SU version can be determined from the ESM Console using the Agent properties feature.