I'm not following here. The postings I've seen indicate it's using the Buffer Overflow vulnerability found by NGSSoftware and reported in MS02-039. SP3 and the patch from MS02-039 (to include the one available in MS02-061) cover that vulnerability. Are you seeing another attack vector? If so, what else are you seeing is required?

K. Brian Kelley

http://www.truthsolutions.com/

Author: Start to Finish Guide to SQL Server Performance Monitoring

http://www.netimpress.com/shop/product.asp?ProductID=NI-SQL1