RealTime IT News

Microsoft Patches Vulnerable SQL Servers

Microsoft has issued a security patch to two versions of its SQL Server software that were vulnerable to attackers.

Microsoft said the patch was for a buffer overrun vulnerability that affected its SQL Server 7.0 and 2000 database software. In an advisory, the company said the flaw could cause SQL Server to fail or allow attackers to execute code in the security context in which SQL Server is running.

"SQL Server can be configured to run in various security contexts, and by default runs as a domain user. The precise privileges the attacker could gain would depend on the specific security context that the service runs in," Microsoft said.

"An attacker could exploit this vulnerability in one of two ways. Firstly, the attacker could attempt to load and execute a database query that calls one of the affected functions. Secondly, if a web-site or other database front-end were configured to access and process arbitrary queries, it could be possible for the attacker to provide inputs that would cause the query to call one of the functions in question with the appropriate malformed parameters."

SQL Server 7.0 and 2000 both provide for extended stored procedures, which are external routines written in a programming language such as C. Microsoft said these procedures appear to users as normal stored procedures and are executed in the same way.
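As an added illustration that is not part of the original article or of Microsoft's code, the C sketch below models the class of defect described above: an extended stored procedure copying a caller-supplied parameter into a fixed-size buffer, first without and then with a length check. The `xp_param` struct, the function names and the buffer size are constructed for the example; the real Open Data Services API is not used.

```c
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for a parameter handed to an extended stored
 * procedure: the caller controls both the bytes and the reported length.
 * (Not the real Open Data Services API.) */
typedef struct {
    const char *data;
    size_t len;
} xp_param;

#define NAME_BUF 32   /* fixed-size buffer inside the procedure */
/* Shape of the flaw: the reported length is never compared with the
 * buffer, so a malformed parameter longer than NAME_BUF writes past the
 * end of 'name' and corrupts the stack. Shown for contrast; not called. */
int handle_param_unchecked(const xp_param *p)
{
    char name[NAME_BUF];
    memcpy(name, p->data, p->len);
    name[p->len] = '\0';
    return 0;
}

/* Hardened form: reject any parameter that cannot fit, NUL included,
 * before a single byte is copied. Returns 0 on success, -1 on reject. */
int handle_param_checked(const xp_param *p, char *out, size_t out_sz)
{
    if (p == NULL || p->data == NULL || out_sz == 0)
        return -1;
    if (p->len >= out_sz)           /* p->len + 1 bytes must fit */
        return -1;
    memcpy(out, p->data, p->len);
    out[p->len] = '\0';
    return 0;
}

/* Procedure-style entry point with its own fixed buffer. */
int xp_handle_name(const xp_param *p)
{
    char name[NAME_BUF];
    return handle_param_checked(p, name, sizeof name);
}

int main(void)
{
    xp_param ok = { "customer_42", 11 };          /* constructed, well-formed */
    char big[200]; memset(big, 'A', sizeof big);  /* constructed, oversized  */
    xp_param bad = { big, sizeof big };
    printf("ok=%d oversized=%d\n", xp_handle_name(&ok), xp_handle_name(&bad));
    return 0;
}
```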

The patch for SQL 7.0 is available here and, for SQL Server 2000, it can be found here.

To ensure proper patch installation in 7.0, Microsoft has urged Webmasters to verify the individual files by consulting the date/time stamp of the files listed in the file manifest in the Microsoft Knowledge Base article.

For SQL Server 2000, verification of the individual files can be done by consulting the date/time stamp of the files listed in the file manifest here.