Microsoft Data Engine (MSDE) is just as vulnerable to this worm as a full blown SQL server. Unfortunately, this fact is not really advertised by neither Microsoft advisory nor most of other Antivirus vendors. It is unfortunate because there are a lot of products that use the MSDE as a "hidden" SQL server, and from my experience most of these applications DO NOT CHANGE THE 'SA' PASSWORD. Even worse is the fact that most of the applications using MSDE break when the SA password is changed.
Some of the apps that use MSDE: Tumbleweed MMS (formerly Worldsecure, a "security product" relies on blank SA password for proper operation), CyberCop scanner, Microsoft Visio, Visual Studio, etc.
Slashdot Mirror
Microsoft Data Engine (MSDE) is just as vulnerable to this worm as a full blown SQL server. Unfortunately, this fact is not really advertised by neither Microsoft advisory nor most of other Antivirus vendors. It is unfortunate because there are a lot of products that use the MSDE as a "hidden" SQL server, and from my experience most of these applications DO NOT CHANGE THE 'SA' PASSWORD. Even worse is the fact that most of the applications using MSDE break when the SA password is changed. Some of the apps that use MSDE: Tumbleweed MMS (formerly Worldsecure, a "security product" relies on blank SA password for proper operation), CyberCop scanner, Microsoft Visio, Visual Studio, etc.