MySQL code may be rewritten thanks to the latest Internet worm threat.
Developers of the open-source database are working on simple ways to protect users against the Forbot worm, but patching may not be enough and bigger software security changes are being considered.
According to South African Sophos distributor, NetXactics, the worldwide installation base of MySQL users, particularly those running Windows, has been warned that the Forbot worm uses brute force to break into systems.
"Apart from spreading across the Internet, the worm also attempts to create a zombie bot network, which would allow hackers remote access to infected systems, and the potential to launch a denial of service (DoS) attack from the bot network," said NetXactics CEO Brett Myroff.
Zak Urlocker, vice-president of marketing at MySQL, admitted that it is working on harder security fixes which will include automatic update features that push software fixes to default installations making them harder to crack.
While the threat posed by the new Internet worm is seen as significant, Sophos does not predict that the problem will be as big as the previous SQL Slammer, which attacked Microsoft’s version of the SQL Database in 2003, and brought many companies to their knees.
Security experts are also warning companies to check their systems to see if MySQL is installed somewhere as in many cases it is installed and forgotten about, or downloaded by employees into desktops or laptops to tinker with.
Find your next job with techworld jobs