Browse by Tags

• patches
• sql injection
• Vulnerability

• Very important SQL Server update

  There is a patch available for four elevation of privilege vulnerabilities recently discovered in SQL Server. From http://www.microsoft.com/technet/security/bulletin/ms08-Jul.mspx : This security update resolves four privately disclosed vulnerabilities. Read More... Posted Tuesday, July 08, 2008 6:32 PM by AaronBertrand | 3 Comments Filed under: security, Vulnerability, patches

• Call a spade a spade! (SQL injection, or IIS vulnerability?)

  In a recent blog post, Dancho Danchev mis-labeled a recent IIS vulnerability as a " massive SQL injection attack ." Let's be honest here. Yes, this alert needs attention. But this is not a new SQL injection vulnerability. It is simply an exploit in IIS Read More... Posted Saturday, April 26, 2008 1:06 PM by AaronBertrand | 10 Comments Filed under: sql injection, security