Previous
Automated Worm Attacks MS SQL Server
News It would be incorrect to label this a flaw in the software, nor is it a vulnerability in the usual sense. It builds an ActiveX object containing the commands to run via the xp_cmdshell and uses a brute-force password attack on the sa SQL Server...
[June 5, 2002, 14:09]
Windows XP, Office And SQL Server Open To New Attacks
News Microsoft late on Wednesday warned of three new bugs in its software, including a flaw in SQL Server 7.0 and 2000 that could allow an unauthorised user to execute particular administrative functions called Web tasks.
[October 17, 2002, 13:47]
Microsoft Issues Alert On Three 'critical' Flaws
News The software giant released a cumulative patch for Internet Explorer that fixes several vulnerabilities previously disclosed by the company, and it re-released an advisory for Microsoft's SQL Server software, warning that a flaw in that program...
[August 21, 2003, 8:45]
Microsoft Puts Out Three Patches
News The flaw could allow an attacker to take over a vulnerable system -- only after successfully disguising the attacking computer as an SQL server. The most major flaw affects Microsoft's Internet Security and Acceleration Server 2000, which is...
[January 14, 2004, 7:35]
Microsoft Issues Patch Tuesday DNS Fix
News All supported versions of Microsoft Windows 2000, Windows XP, Windows Server 2003 and Windows Server 2008 are affected by the flaw. The updates linked to in Tuesday's bulletins include a patch for a potentially serious underlying DNS flaw.
[July 9, 2008, 13:28]
Microsoft Warns On Windows And Server Security
News The second flaw, also a buffer overrun, affects the Database Console Commands that, if exploited, could give a hacker "complete control over all databases on the server". The flaw could allow a buffer overrun, "which could be exploited by a Web...
[October 4, 2002, 8:33]
FBI Warns Of Bugs For Christmas
News The second flaw affects sites using Microsoft's SQL (Structured Query Language) database software or the Microsoft Data Engine. Known as the "SQL Query Abuse" vulnerability, the flaw allows customers to submit queries and download information...
[December 5, 2000, 8:19]
Lowdown On Latest MS Security Bulletin
News The vulnerability is due to a flaw that can allow a user to log onto the system through the LADP client and gain access at the administrator level. MS02-036 -- Authentication Flaw in Microsoft Metadirectory Services
[August 6, 2002, 13:50]
Security Flaw In Key Microsoft Services
News Microsoft on Tuesday warned users of a number of its subscription programmes, including product testing and volume licensing, of a potential security flaw affecting the software they use for downloads.
[August 21, 2002, 7:38]
Microsoft, US Dispute Nuclear Software Threat
News The scientists discovered that the same bug existed in the newer version, although in a less serious form, along with a new security flaw that could give unauthorised people easy access to information stored in the database, Blair told CNET News...
[July 23, 2001, 17:03]
Microsoft Finds Several 'critical' Web Glitches
News The flaw occurs in an ActiveX control called XMLHTTP, which allows Web pages in the browser to send and receive XML data via HTTP, the standard Web transfer protocol. In Internet Explorer, a flaw exists in the way VBScripts -- pieces of code that...
[February 25, 2002, 17:31]
Windows WMF Woes Widen
News Just days after Microsoft rushed out a patch to fix a critical Windows flaw related to the processing of WMF images, two more problems with the component were flagged. Cybercriminals were taking advantage of that flaw to attack Windows computers...
[January 10, 2006, 8:45]
Microsoft Warns Again On Windows
News The flaw is unusually widespread, affecting all versions of DirectX from version 5.2 to the current 9.0a running on all versions of Windows from Windows 98 through the new Windows Server 2003, according to the Microsoft bulletin.
[July 24, 2003, 7:40]
US Army Attacked Via New Windows Flaw
News The flaw, known as a buffer overflow, is in a component of the software that handles the World Wide Web Distributed Authoring and Versioning (WebDAV) protocol in Microsoft's Internet Information Server (IIS).
[March 18, 2003, 7:43]
Hyperthreading Hurts Server Performance, Say Developers
News Earlier this year, Intel hyperthreading was revealed to have a security flaw where threads could find information from each other through the shared cache despite having no access to each other's memory space.
[November 18, 2005, 10:55]
Microsoft Fails Slammer's Security Test
News The company had informed customers six months earlier about a flaw and included patches in both a roll-up patch -- a software update that includes all the latest patches -- and in the company's latest service pack for Microsoft SQL Server 2000.
[January 28, 2003, 8:39]
Worm Exploits Major Windows Flaw
News The worm pieces together code to exploit the most recent major flaw in Windows with publicly available tools, such as the Trivial File Transfer Protocol (TFTP) server. The Code Red worm spread slowly at first, then quickly, after someone modified...
[August 12, 2003, 8:55]
Slammer May Not Feed On Microsoft Alone
News While the company had issued a patch for the flaw six months earlier, more than 200,000 computers and information appliances were still not patched at the time of the attack and became infected, according to the latest estimates from security...
[January 30, 2003, 7:49]
Microsoft Releases Anti-Slammer Tools
News The Slammer virus, which struck on 25 January, exploited a flaw in the SQL Server database and caused an estimated $1bn in damage in the first five days as it rapidly spread around the globe. The software tools, posted on Microsoft's Web site, give...
[February 6, 2003, 15:02]
Oracle: Have It Our Way
News We think that's a fundamental flaw in the way software is sold," Ellison said. This year, Ellison offered the money to anyone whose web site does not run three times faster, upon replacement of Microsoft SQL Server or IBM DB2 software with Oracle's...
[October 4, 2000, 8:10]
