Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
X002548
Not Just a Number
15586 Posts |
 Posted - 2003-07-28 : 12:02:01
|
| Don't know where this would go...butMy company is scrambling to get this fixed...Check this out:http://www.eweek.com/article2/0,3959,1204317,00.aspBrett8-) |
|
|
Andraax
Aged Yak Warrior
790 Posts |
Posted - 2003-07-29 : 03:12:17
|
| Don't you have firewalls?? Or are you concerned about internal threats? |
 |
|
|
X002548
Not Just a Number
15586 Posts |
Posted - 2003-07-30 : 12:49:32
|
| Doens't have to be an attack from the outside...could be hidden in an email and launched on open, no?Brett8-) |
|
|
|
Andraax
Aged Yak Warrior
790 Posts |
Posted - 2003-07-30 : 14:06:48
|
| Sure... But since the object of the exploit is to gain control of a computer over the internet, it would be kind of worthless to have it run on a computer in a secure zone, unless it's an internal hacker who wants control of the computer.But of course everyone should patch it anyway. |
|
|
|
SamC
White Water Yakist
3467 Posts |
Posted - 2003-07-30 : 14:46:03
|
| The article says there's a patch. I don't see no stinkin patch ! |
|
|
|
Andraax
Aged Yak Warrior
790 Posts |
Posted - 2003-07-30 : 15:57:48
|
| The patch is available via windows update, or right here:[url]http://www.microsoft.com/security/security_bulletins/ms03-026.asp[/url] |
|
|
|
X002548
Not Just a Number
15586 Posts |
Posted - 2003-07-31 : 14:40:32
|
quote:
Originally posted by Andraax
Sure... But since the object of the exploit is to gain control of a computer over the internet, it would be kind of worthless to have it run on a computer in a secure zone, unless it's an internal hacker who wants control of the computer.But of course everyone should patch it anyway.
Yeah but couldn't you build a "drone" that launches the code..then sends instruction through? And redirect out, or if malicious just start blowing things away..Like a nested sproc?Brett8-)SELECT POST=NewId() |
|
|
|
|
|
|
Microsoft Swiss Cheese