SecurityFocus is recommending that companies running SQL Server check that their account does not have a blank password, and use a firewall to block port 1433.