Microsoft came clean and admitted its SQL Server database software is vulnerable to code injection attacks. It’s not a new flaw but the same bug in the database software that emerged around the time of Microsoft’s monthly Patch Tuesday update earlier this month. In an advisory, Redmond’s security gnomes confirmed that code has been produced that exploits a security bug affecting Microsoft SQL Server 2000, Microsoft SQL Server 2005 and Windows Internal Database, in certain configurations.
Uncategorized December 25th 2008