Microsoft SQL Server security vulnerability messages and Windows XP Service Pack 2
The error message below may be logged when you install one of the following products on a Windows XP computer with Service Pack 2 (SP2):
- PureMessage for Windows/Exchange
- Sophos
Anti-Virus Small Business Edition - PureMessage Small Business Edition
- EM Reporter.
"You are running a version of Microsoft SQL Server 2000 or Microsoft SQL Server 2000 Desktop Engine (also called MSDE) that has known security vulnerabilities when used in conjunction with this version of Windows. To reduce your computer's vulnerability to certain virus attacks, the TCP/IP and UDP network ports of Microsoft SQL Server 2000, MSDE, or both have been disabled."
This message is generated by the copy of Microsoft SQL Server Desktop Engine (MSDE) that is a component of these products.
This issue is discussed in detail in Microsoft Knowledge Base Article 841375: "A message stating that an instance of SQL Server is vulnerable to virus attacks is logged in the application event log when you install SQL Server 2000 or MSDE 2000 on a computer that is running Windows XP Service Pack 2".
What to do
Patch the Micosoft SQL Server Desktop Engine (MSDE).
If you need more information or guidance, then please contact technical support.
- Article ID: 11833
- Created: 18 Aug 2004
- Last updated: 5 Oct 2006
