SQL Server 2008 Safe from critical vulnerability affecting Microsoft Data Platform

The latest iteration of SQL Server is safe from a critical vulnerability affecting the Microsoft data platform. Bill Sisk explained in a Microsoft Security Advisory (961040): “We are aware that a vulnerability in SQL Server that could allow for remote code execution has been published on the Internet; however, we are not aware of any […]

The latest iteration of SQL Server is safe from a critical vulnerability affecting the Microsoft data platform. Bill Sisk explained in a Microsoft Security Advisory (961040): “We are aware that a vulnerability in SQL Server that could allow for remote code execution has been published on the Internet; however, we are not aware of any attacks attempting to use the reported vulnerability.

It’s important to note that systems with Microsoft SQL Server 7.0 Service Pack 4, Microsoft SQL Server 2005 SP3 and Microsoft SQL Server 2008 are not affected by this issue.  Also, because, by default, Microsoft SQL Server Desktop Engine 2000 (MSDE 2000) and SQL Server 2005 Express do not allow remote connections, attackers would have to already have local access to machines running MSDE 2000 and SQL Server 2005 Express to exploit this vulnerability.”