ISS X-Force reports that a worm is spreading via Microsoft SQL servers. The Spida worm is responsible for large amounts of Internet traffic as well as millions of TCP/IP probes. This worm attempts to locate and login to MS/SQL servers with the "sa" account and a blank password. "Once a vulnerable computer is found, the worm will infect that target, send its configuration and password information to an external host, and begin scanning for new targets."
Click here for more information.