Blog Post

Microsoft Security Bulletin MS12-070 for SSRS

,

Today is black Tuesday for October 2012. One security bulletin is specifically for a component of the SQL Server stack: SQL Server Reporting Services. Here's the write-up from Microsoft:

Microsoft Security Bulletin MS12-070

This affects from SQL Server 2000 Reporting Services through SQL Server 2012 Reporting Services, all supported versions. This security bulletin provides a fix for a privilege escalation attack using cross-site scripting (XSS). If you have SQL Server Reporting Services in your environment, please read the bulletin and apply accordingly. At the present time there are no known attacks or publicly released exploits taking advantage of this vulnerability.

 

 

Rate

You rated this post out of 5. Change rating

Share

Share

Rate

You rated this post out of 5. Change rating

Related content

External Article

Securing Reporting Services

Marcin Policht continues his discussion of implementing Reporting Services on SQL Server 2005 Express Edition, focusing in particular on security-related topics. This article continues this subject by describing other technologies that assist with data protection, their corresponding configuration settings, and a few authentication and authorization caveat

2009-10-07

2,632 reads

Technical Article

Migrating A SQL Server 2005 Reporting Services Named Instance, The Missing Manual

Microsoft has always been pretty good at one thing, ease on install. One of the things I always says is the greatest thing about SQL Server is any idiot can install it. The other thing I also say is the worst thing about SQL Server is any idiot can install...

You rated this post out of 5. Change rating

2009-07-01

4,332 reads