SQL Clone
SQLServerCentral is supported by Redgate
Log in  ::  Register  ::  Not logged in

Vulnerability announcements coming for Windows products

I'm a little late on this one, but Cesar Cerrudo has announced he's going to demonstrate exploits to Windows Server 2008, IIS 7.0, and SQL Server at the Hack in the Box conference in Dubai:

Windows Server 2008, Still not totally secure 

The Windows Server 2008 exploits appear to be privilege escalation attacks. With IIS 7.0 it looks like an attack on ASP.NET, based on what was posted. He didn't get specific on SQL Server other than to say that it, too, was a privilege escalation attack as well. The Windows Server 2008 vulnerabilities are worrisome because the attacks use the lower privileged accounts to escalate to SYSTEM. This should prove to be an interesting month.


K. Brian Kelley - Databases, Infrastructure, and Security

IT Security, MySQL, Perl, SQL Server, and Windows technologies.


No comments.

Leave a Comment

Please register or log in to leave a comment.