Topics:
Security
Second Zero Day Flaw Nails Microsoft In Two Weeks
Unlike the patch that recently was released for the zero-day vulnerability that surfaced on Patch Tuesday (12/9), there have been no confirmed attacks against this latest threat. Early reports indicate vulnerable applications include: Microsoft SQL Server 2000, Microsoft SQL Server 2005, Microsoft SQL Server 2005 Express Edition, Microsoft SQL Server 2000 Desktop Engine (MSDE 2000), Microsoft SQL Server 2000 Desktop Engine, and Windows Internal Database. Fortunately, the latest versions -- the more recent Microsoft SQL Server 2008 and Microsoft SQL Server 7.0 Service Pack 4 of SQL -- aren't at risk to this attack. A potential mitigating factor for this vulnerability is that whether the attacker is local or remote attacker, it must be authenticated to the target system. Microsoft's advisory for the issue is available here. « Top 5 Smartphones Of The Year | Main | Looking Into The Content Management Crystal Ball » |
| Sign Up Now For InformationWeek News Alerts |
This is a public forum. United Business Media and its affiliates are not responsible for and do not control what is posted herein. United Business Media makes no warranties or guarantees concerning any advice dispensed by its staff members or readers.
Community standards in this comment area do not permit hate language, excessive profanity, or other patently offensive language. Please be aware that all information posted to this comment area becomes the property of United Business Media LLC and may be edited and republished in print or electronic format as outlined in United Business Media's Terms of Service.
Important Note: This comment area is NOT intended for commercial messages or solicitations of business.
