Tuesday, December 23, 2008

New SQL Server Zero-Day

Microsoft issued an advisory Monday about the public release of exploit code for a SQL Server vulnerability discovered earlier this month.

The issue could allow an attacker to remotely execute code on a compromised server through SQL injection.

Details are on the MSRC blog and were published today in an article by TechTarget. The vulnerability was discovered security researcher Bernhard Mueller of SEC Consult.


Post a Comment

<< Home