Security Advisor

MySQL Databases Let Loose User Passwords

In this edition's "Password Breach of the Week" story, news recently surfaced that an attacker could gain access to MySQL databases thanks to a flaw that will verify an incorrect password as correct.

While the flaw isn't found in all systems (and those running MySQL and its brother MariaDB databases on Windows are safe), this open door could give hackers access to all your info stored using the SQL language.

According to folks in the MariaDB camp, this flaw has the probability of popping up once in every 256 attempts. While those aren't the type of odds you would lay money down on in Vegas, know that an attacker could easily submit a password hundreds of times in a second. That's as close to a sure thing you're going to get in the world of cyber crime.

As with most security vulnerabilities, this bug can be easily avoided with patching your software to the latest version.

About the Author

Chris Paoli is the site producer for Redmondmag.com and MCPmag.com.

Featured

  • Microsoft Previews Windows Autopilot for HoloLens 2

    Microsoft on Friday announced a public preview of Windows Autopilot for HoloLens 2, its mixed-reality headset.

  • Microsoft Flirts with Charging for API Software Connections

    Microsoft may have started something new by attempting to charge its customers for software that uses its application programming interfaces (APIs).

  • Overcoming Spacesuit Anxiety During Astronaut Training

    Spacesuits are heavy, claustrophobic and hot -- an uncomfortable combination for many would-be astronauts. Here's how Brien came around to the idea of wearing one.

  • Microsoft Announces Azure Kubernetes Service Enhancements

    Microsoft this week announced a few Azure Kubernetes Service (AKS) product milestones as part of the KubeCon event.

comments powered by Disqus