David Litchfield

The Inside Story of SQL Slammer

By David LitchfieldOn Jan. 25, 2003, a new worm took the Internet by storm, infecting thousands of servers running Microsoft’s SQL Server software every minute. The worm, which became known as SQL Slammer, eventually became the fastest-spreading worm ever and helped change the way Microsoft approached security and reshaped the way many researchers handled advisories and exploit code. This is the inside story of SQL Slammer, told by the researcher who found the bug and wrote the exploit code that was later taken by Slammer’s authors and used as part of the worm.