LOS ANGELES: Companies cleaned up their computer systems after a fast-spreading worm shut down web servers in an attack that slowed the Internet for users around the world.

South Korea, the world's most wired country, was believed to be hit the hardest in the attack, which began early Saturday, spreading through network connections rather than e-mail as many viruses do.

The worm, dubbed "SQL Slammer" ("sequel") because it exploits a weakness in Windows 2000  SQL server database software, did not delete or otherwise touch data.

However, it crashed servers and congested traffic on the global network for a few hours, slowing downloads by as much as 50 percent, according to Internet performance monitoring firm Keynote Systems.But the most damaging attack on the Internet in 18 months was curbed faster than the Code Reds and Nimda worms of September 2001, as Internet service providers moved quickly to block traffic from infected machines to others, experts said.

Microsoft re-released a patch for the vulnerability, which was first issued about six months ago, with software to make it easier to install than the original patch was, said Scott Charney, Microsoft's chief security strategist.

Concern also shifted to desktop computers that may have some of the SQL code on them, such as Microsoft Desktop Engine 2000, according to Russ Cooper, a research expert at TruSecure Corp. He said Compaq Insight Manager, Dell Open Manager and HP OpenView also contain "mini SQL servers."

During the attack, there was a one in 5 chance that e-mail would not get through or downloading information from a website would take one to two minutes instead of 10 seconds, according to Ohlsson.

"In the final analysis, what we had was a major nuisance that was short-lived," he added. Amazon.com and eBay remained unaffected.

© Reuters