Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
AskSQLTeam
Ask SQLTeam Question
0 Posts |
 Posted - 2002-07-11 : 08:53:14
|
This is a cumulative patch that, when applied, address all previously addressed vulnerabilities. In addition, it eliminates three new vulnerability: - A buffer overrun vulnerability in a procedure that handles password encryption for SQL Server authentication that could enable code of an attacker's choice to be run in the same context as the SQL Server.
- A buffer overrun vulnerability in a procedure that handles bulk inserting of database tables that could enable an attacker's code to run in the SQL Server Service Account's security context.
- A privilege elevation vulnerability that could enable an attacker to gain the ability to execute SQL Server commands in the security context of the operating system.
Article Link. |
|
|
sgtwilko
Starting Member
23 Posts |
Posted - 2002-07-22 : 14:03:36
|
| This patch can also degrade your perfomance with some queries on SMP machines.We are working with Microsoft to resolve this issue.This only happens with large queries that SQL server does not produce a suitable Query plan for.-- Eagles may soar,but Weasels aren't sucked into jet engines. |
 |
|
|
|
|
|
Article: Cumulative Patch for SQL Server 2000