News

SQL Server 7.0 Bug Fixed

A security vulnerability in Microsoft SQL Server 7.0 that could cause the database server to crash has been discovered and remedied.

If a specially malformed TDS packet is sent to a SQL Server, it can cause the SQL service to crash. The vulnerability would not allow any inappropriate access to the data on the server, nor would it allow a malicious user to usurp any administrative control on the machine. An affected machine could be put back into service by restarting the SQL service. This vulnerability could be remotely exploited if port 1433 were open at the firewall.

Microsoft SQL Server 7.0 is affected by this vulnerability. The Intel version of the patch is available at http://www.microsoft.com/Downloads/Release.asp?ReleaseID=16923 and the Alpha version is available at http://www.microsoft.com/Downloads/Release.asp?ReleaseID=16924. The patch does not locate the SQL folder and install the patched files into it. The user must copy the three files contained in it to the MSSQL7/BINN folder. -- Isaac Slepner

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

Featured

  • Microsoft 365 Users Getting My Feed and SharePoint Page Diagnostics

    Microsoft on Monday announced new Microsoft 365 and SharePoint Online improvements that are getting rolled out to subscribers.

  • Using Metadata To Make Non-Text Data Easier To Find

    Content indexing works well for finding files that contain text, but it's no help when searching for non-text data. Brien's workaround is to take advantage of Windows 10's file metadata feature.

  • Microsoft Previews Windows Autopilot for HoloLens 2

    Microsoft on Friday announced a public preview of Windows Autopilot for HoloLens 2, its mixed-reality headset.

  • Microsoft Flirts with Charging for API Software Connections

    Microsoft may have started something new by attempting to charge its customers for software that uses its application programming interfaces (APIs).

comments powered by Disqus