On mySimon: Samsung 55" LED TV
BNET Business Network:
BNET
TechRepublic
ZDNet

December 22nd, 2008

Microsoft confirms critical SQL Server vulnerability

Posted by Ryan Naraine @ 5:00 pm

Categories: Arbitrary Code Execution, Data theft, Denial of Service (DoS), Exploit code, Locally Running Web Servers, Malware, Microsoft, Patch Watch, Pen testing, Responsible disclosure, Viruses and Worms, Vulnerability research, Zero-day attacks

Tags: Microsoft SQL Server, Vulnerability, Server, Exploit Code, Microsoft Corp., Microsoft SQL Server 2005, Databases, Enterprise Software, Security, Software

MS confirms SQL Server vulnerability, posts workaroundsMicrosoft late Monday issued a pre-patch advisory confirming a remote code execution vulnerability affecting its SQL Server line.

The vulnerability, publicly disclosed with exploit code more than two weeks ago, affects Microsoft SQL Server 2000, Microsoft SQL Server 2005, Microsoft SQL Server 2005 Express Edition, Microsoft SQL Server 2000 Desktop Engine (MSDE 2000), Microsoft SQL Server 2000 Desktop Engine (WMSDE), and Windows Internal Database (WYukon).

From the advisory:

[ SEE: As attacks escalate, MS readies emergency IE patch  ]

Microsoft is aware that exploit code has been published on the Internet for the vulnerability addressed by this advisory. Our investigation of this exploit code has verified that it does not affect systems that have had the workarounds listed below applied. Currently, Microsoft is not aware of active attacks that use this exploit code or of customer impact at this time.

In addition, due to the mitigating factors for default installations of MSDE 2000 and SQL Server 2005 Express, Microsoft is not currently aware of any third-party applications that use MSDE 2000 or SQL Server 2005 Express which would be vulnerable to remote attack. However, Microsoft is actively monitoring this situation to provide customer guidance as necessary.

[ SEE: MS Patch Tuesday whopper: 28 vulnerabilities in Windows, IE, Office  ]

The vulnerability is not exposed anonymously. An attacker would need to either authenticate to exploit the vulnerability or take advantage of a SQL injection vulnerability in a Web application that is able to authenticate, Microsoft explained.

A T-SQL script is available to test systems for this issue.  In the absence of a patch, Microsoft recommends that SQL Server admins deny permissions on the sp_replwritetovarbin extended stored procedure.  See more in the Microsoft advisory.

Ryan NaraineRyan Naraine is a journalist and security evangelist at Kaspersky Lab. He manages Threatpost.com, a security news portal. Here is Ryan's full profile and disclosure of his industry affiliations.


Email Ryan Naraine

For daily updates on Ryan's activities, follow him on Twitter.

Subscribe to Zero Day via Email alerts or RSS.

  • Talkback
  • Most Recent of 14 Talkback(s)
C2 Certification
Well, since you brought it up and I was curious, I just reread the criteria overview, and it's not about anything more than having features that an admin could implement if they wanted. It's doesn't r... (Read the rest)
Posted by: 8string Posted on: 12/24/08 You are currently: a Guest | | Terms of Use
Wrong logo?  LBiege | 12/22/08
The correct logo should be a sieve. silly  V@... | 12/23/08
I wouldn't give up on OSS yet.  ye | 12/23/08
Jumping from the frying pan into the fire  LBiege | 12/23/08
I had quite the opposite experience...  storm14k | 12/23/08
Good one  Chad_z | 12/23/08
Anti-OSS Trolls  V@... | 12/23/08
At least by 2003 ...  LBiege | 12/23/08
And...  zkiwi | 12/23/08
How's that C2 certification working out for them?  jasonp@... | 12/24/08
C2 Certification  8string | 12/24/08
RE: Microsoft confirms critical SQL Server vulnerability  MarkHarrison | 12/24/08
RE: Microsoft confirms critical SQL Server vulnerability  Tedscribe@... | 12/24/08
RE: Microsoft confirms critical SQL Server vulnerability  infoz | 12/24/08

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement

Recent Entries

advertisement
Click Here

Archives

Favorite Links

ZDNet Blogs

White Papers, Webcasts, and Downloads

Meet Doc

  • Here to help you with your Document Management Needs
  • Doc is an enigma. Born to a Russian ballerina and a German electrical engineer, he grew up in various locations in the United States. He’s seen the insides of more brands, versions, and generations of printer and printer-related hardware than almost anyone.
  • To learn more about this mysterious figure check out his blog on ZDNet and his Workspace on TechRepublic. You’ll be glad you did.
  • Produced by
    ZDNet and