Passionately curious about Data, Databases and Systems Complexity. Data is ubiquitous, the database universe is dichotomous (structured and unstructured), expanding and complex. Find my Database Research at SQLToolkit.co.uk . Microsoft Data Platform MVP

"The important thing is not to stop questioning. Curiosity has its own reason for existing" Einstein

Friday 22 May 2009

SQL Server security issues

Microsoft Security Bulletin http://www.microsoft.com/technet/security/bulletin/ms09-004.mspx issued in February 2009 is not an issue if you have SQL Server 2005 SP3 installed. If this is problematic to be installed, due to the fact that rollback requires the uninstall and reinstall of SQL Server, a fix to the vulnerability is

USE master
DENY EXECUTE ON sys.sp_replwritetovarbin TO public
NOTE: don’t use this with Transactional Replication with Updateable Subscriptions

The other fairly recent security issue from July 2008 is

No comments:

Post a Comment

Note: only a member of this blog may post a comment.