Microsoft confirms critical SQL Server vulnerability

December 22, 2008 – 6:38 PM

Microsoft late Monday issued a pre-patch advisory confirming a remote code execution vulnerability affecting its SQL Server line.

The vulnerability, publicly disclosed with exploit code more than two weeks ago, affects Microsoft SQL Server 2000, Microsoft SQL Server 2005, Microsoft SQL Server 2005 Express Edition, Microsoft SQL Server 2000 Desktop Engine (MSDE 2000), Microsoft SQL Server 2000 Desktop Engine (WMSDE), and Windows Internal Database (WYukon).

The vulnerability is not exposed anonymously. An attacker would need to either authenticate to exploit the vulnerability or take advantage of a SQL injection vulnerability in a Web application that is able to authenticate, Microsoft explained.

A T-SQL script is available to test systems for this issue. In the absence of a patch, Microsoft recommends that SQL Server admins deny permissions on the sp_replwritetovarbin extended stored procedure. See more in the Microsoft advisory.
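As an added illustration (not Microsoft's test script and not code from the advisory), the recommended workaround can be applied and verified as follows. The catalog-view queries assume SQL Server 2005; on SQL Server 2000 and MSDE 2000 those views do not exist and only the DENY statement in step 2 applies.

```sql
-- Added example: apply and verify the sp_replwritetovarbin workaround.
-- Assumption: run by an administrator in the master database.
USE master;
GO

-- 1. Record the current permission entries on the procedure so the
--    change can be reviewed (and reverted once a patch is installed).
SELECT pr.name        AS principal_name,
       pe.permission_name,
       pe.state_desc  -- GRANT or DENY
FROM   sys.database_permissions AS pe
JOIN   sys.database_principals  AS pr
       ON pr.principal_id = pe.grantee_principal_id
WHERE  pe.class = 1   -- object-level permission
  AND  pe.major_id = OBJECT_ID(N'sys.sp_replwritetovarbin');
GO

-- 2. Deny EXECUTE to public. Every login is a member of public, so this
--    covers application accounts reachable through SQL injection.
--    Members of the sysadmin role bypass permission checks and are
--    not restricted by DENY.
DENY EXECUTE ON sp_replwritetovarbin TO public;
GO

-- 3. Confirm that the DENY entry is now recorded for public.
IF EXISTS (
    SELECT 1
    FROM   sys.database_permissions AS pe
    JOIN   sys.database_principals  AS pr
           ON pr.principal_id = pe.grantee_principal_id
    WHERE  pe.class = 1
      AND  pe.major_id = OBJECT_ID(N'sys.sp_replwritetovarbin')
      AND  pe.permission_name = 'EXECUTE'
      AND  pe.state = 'D'          -- D = DENY
      AND  pr.name = N'public'
)
    PRINT 'DENY EXECUTE on sp_replwritetovarbin is in place for public.';
ELSE
    RAISERROR('Workaround not applied: no DENY entry found for public.', 16, 1);
GO
```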

