MySQL Database Not Affected by "Slammer"/"Sapphire" Worm

MySQL AB would like to confirm that the MySQL™ database is not affected by nor is responsible for the recent "Slammer" (also known as "Sapphire") worm that has caused widespread Internet disruption. This worm attack, which began Friday, January 24, has been linked to a set of known flaws in Microsoft SQL Server, and at this time, it is only known to affect Microsoft SQL Server and certain products that are based on it (such as Microsoft Desktop Engine (MSDE) and Microsoft Office Developer Edition products). Several Internet news sites have erroneously linked MySQL to the Slammer worm.

"We wanted to quickly set the record straight and eliminate concern that the worm is impacting MySQL databases, " said MySQL AB CEO Mårten Mickos. "Through the Open Source approach, any vulnerabilities in the MySQL database are quickly identified and addressed. While virtually any software can be the target of a strategic, deliberate attack, our rapid development and release cycle and easy upgrade process help reduce this risk."

The official Microsoft Security Bulletin describing the "Slammer"/"Sapphire" vulnerability is available at http://microsoft.com/technet/security/bulletin/MS02-039.asp. A patch for the issue is also provided at this URL.

MySQL is a registered trademark of MySQL AB in Sweden and is a trademark of MySQL AB in the USA and other countries. Other products mentioned are the trademarks of their respective corporations.