Microsoft Security Bulletin http://www.microsoft.com/technet/security/bulletin/ms09-004.mspx issued in February 2009 is not an issue if you have SQL Server 2005 SP3 installed. If this is problematic to be installed, due to the fact that rollback requires the uninstall and reinstall of SQL Server, a fix to the vulnerability is
USE master
GO
DENY EXECUTE ON sys.sp_replwritetovarbin TO public
GO
NOTE: don’t use this with Transactional Replication with Updateable Subscriptions
The other fairly recent security issue from July 2008 is
http://www.microsoft.com/technet/security/bulletin/ms08-040.mspx
No comments:
Post a Comment
Note: only a member of this blog may post a comment.