Monday, 20 July 2015

SQL Server Security Bulletin MS15-058 Released

A SQL Server security bulletin (MS15-058) was released yesterday (14-Jul-2015).
This update resolves vulnerabilities in Microsoft SQL Server that could allow remote code execution if an authenticated attacker runs a specially crafted query that is designed to execute a virtual function from a wrong address. This leads to a function call to uninitialized memory.
It applies to:
  • SQL Server 2008
  • SQL Server 2008 R2
  • SQL Server 2012
  • SQL Server 2014

No comments:

Post a Comment