A new worm has been discovered that exploits weak MySQL installations on Windows-based platforms.
The SANS Institute's Storm Centre said that the MySQL worm takes advantage of weak passwords and the database's support for remote configuration. Thousands of vulnerable databases are said to have been infected by this worm so far.
The bot uses the known "MySQL UDF Dynamic Library Exploit". To launch itself, the bot first has to authenticate to MySQL as the "root" user. It carries a long list of passwords and tries them in a brute-force attack to find the right one.
The institute said that MySQL users should use stronger passwords and a firewall to prevent infection and the spread of this worm.
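
A defender-side check for the brute-force pattern described above, as an added example that is not part of the original article: it counts failed `root` logins per remote host within a sliding window. The log lines are constructed, and their layout, the threshold and the window length are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines (not from the article), modeled on MySQL's
# "Access denied" message; the timestamp layout is an assumption.
SAMPLE_LOG = """\
2024-01-01T10:00:01Z 11 [Note] Access denied for user 'root'@'198.51.100.7' (using password: YES)
2024-01-01T10:00:02Z 12 [Note] Access denied for user 'root'@'198.51.100.7' (using password: YES)
2024-01-01T10:00:03Z 13 [Note] Access denied for user 'root'@'198.51.100.7' (using password: YES)
2024-01-01T10:00:04Z 14 [Note] Access denied for user 'root'@'198.51.100.7' (using password: YES)
2024-01-01T10:00:05Z 15 [Note] Access denied for user 'root'@'198.51.100.7' (using password: YES)
2024-01-01T10:00:06Z 16 [Note] Access denied for user 'root'@'198.51.100.7' (using password: YES)
2024-01-01T10:05:00Z 17 [Note] Access denied for user 'root'@'203.0.113.9' (using password: YES)
2024-01-01T10:06:00Z 18 [Note] Access denied for user 'root'@'localhost' (using password: NO)
2024-01-01T11:30:00Z 19 [Note] Access denied for user 'root'@'203.0.113.9' (using password: YES)
2024-01-01T11:31:00Z 20 [Note] Access denied for user 'app'@'203.0.113.9' (using password: YES)
"""

# Only failed logins for the 'root' account are of interest here.
DENIED = re.compile(r"^(?P<ts>\S+)\s.*Access denied for user 'root'@'(?P<host>[^']+)'")
LOCAL = {"localhost", "127.0.0.1", "::1"}


def find_root_bruteforce(log_text, threshold=5, window=timedelta(seconds=60)):
    """Return {remote_host: peak failures inside one window} for hosts that
    reach `threshold` failed root logins. Lines must be in time order."""
    recent = defaultdict(deque)   # host -> timestamps still inside the window
    flagged = {}
    for line in log_text.splitlines():
        m = DENIED.match(line)
        if not m or m.group("host") in LOCAL:
            continue              # other accounts and local logins are skipped
        host = m.group("host")
        ts = datetime.strptime(m.group("ts"), "%Y-%m-%dT%H:%M:%SZ")
        q = recent[host]
        q.append(ts)
        while ts - q[0] > window:  # drop failures older than the window
            q.popleft()
        if len(q) >= threshold:
            flagged[host] = max(flagged.get(host, 0), len(q))
    return flagged


if __name__ == "__main__":
    for host, count in find_root_bruteforce(SAMPLE_LOG).items():
        print(f"{host}: {count} failed root logins within 60s")
```

A host flagged here is a candidate for a firewall block, and any remote host reaching the `root` account at all indicates the database port is exposed more widely than it should be.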