SQL Server Performance

Microsoft Security Advisory

Discussion in 'SQL Server News' started by dineshasanka, Dec 23, 2008.

  1. dineshasanka Moderator

    Microsoft has warned customers of a critical vulnerability in older versions of SQL Server. The company recommends users work around this vulnerability themselves. The vulnerability exists in the extended stored procedure sp_replwritetovarbin and could allow an attacker to execute arbitrary code as the SQL Server process. The stored procedure is available by default on all affected SQL servers and can be exploited directly by a user or through SQL injection vulnerabilities.
    More at http://www.heise-online.co.uk/news/Critical-vulnerability-in-older-versions-of-SQL-Server--/112304

Share This Page