Microsoft has announced a new security vulnerability affecting almost the entire Microsoft SQL Server product line. The advisory confirms a vulnerability that allows remote code execution on systems running:
- Microsoft SQL Server 2000
- Microsoft SQL Server 2005
- Microsoft SQL Server 2005 Express Edition
- Microsoft SQL Server 2000 Desktop Engine (MSDE 2000)
- Microsoft SQL Server 2000 Desktop Engine (WMSDE)
- and Windows Internal Database (WYukon)
Note: Systems with Microsoft SQL Server 7.0 Service Pack 4, Microsoft SQL Server 2005 Service Pack 3, and Microsoft SQL Server 2008 are not affected by this vulnerability.
From the advisory:
Microsoft is aware that exploit code has been published on the Internet for the vulnerability addressed by this advisory. Our investigation of this exploit code has verified that it does not affect systems that have had the workarounds listed below applied. Currently, Microsoft is not aware of active attacks that use this exploit code or of customer impact at this time.
In addition, due to the mitigating factors for default installations of MSDE 2000 and SQL Server 2005 Express, Microsoft is not currently aware of any third-party applications that use MSDE 2000 or SQL Server 2005 Express which would be vulnerable to remote attack. However, Microsoft is actively monitoring this situation to provide customer guidance as necessary.
…
Customers who believe that they have been attacked can obtain security support at Get security support and should contact the national law enforcement agency in their country. Customers in the United States can contact Customer Service and Support at no charge using the PC Safety hotline at 1-866-PCSAFETY. Additionally, customers in the United States should contact their local FBI office or report their situation at Internet Crime Complaint Center.
Microsoft recommends that all users keep Windows updated and apply Microsoft Security updates regularly.
