If I ever meet the bastard that posted W32.SQLExp.Worm to the Internet and, hence, businesses:
"W32.SQLExp.Worm is a Category 3 worm that targets servers running Microsoft SQL. The worm sends 376 bytes to 1434/udp (the SQL Server Resolution Service Port).
Symantec Security Response recommends configuring perimeter devices to block 1434/udp traffic from untrusted hosts.
The worm has the unintended payload of performing a Denial of Service due to the large number of packets it sends out. "
I have now spent 13 hours at 'work' resolving the consequences of this thing and contacting people around the world to advise of course of action.
Wasn't pretty. And before anyone says "You should have had the Hotfix installed!!" obviously doesn't live in the real world or work for a multi-national company.
I had my morning shower at 1600, put my contacts in shortly after and am about to have a combined breakfast, lunch and dinner. Thank goodness I don't pay my mobile bill.
Check this out (Geez, I'm SURE I've posted an image bigger than 52kb before, seeing as I can't):