Well I'm still getting hit at home on port 1433 so the worm is about on cable access. Actually you run a firewall just make sure inbound traffic is closed on port 1433. It actually checks to see of the SQL SA (Administrator) account was left at the default password or no password and or Admin name. Set the SA correctly and it should not be a problem.