http://www.sqlservercentral.com/blogs/brian_kelley/2012/10/09/microsoft-security-bulletin-ms12-070-for-ssrs/

Printed 2014/11/27 09:22AM

Microsoft Security Bulletin MS12-070 for SSRS

By Brian Kelley, 2012/10/09

Today is black Tuesday for October 2012. One security bulletin is specifically for a component of the SQL Server stack: SQL Server Reporting Services. Here's the write-up from Microsoft:

Microsoft Security Bulletin MS12-070

This affects from SQL Server 2000 Reporting Services through SQL Server 2012 Reporting Services, all supported versions. This security bulletin provides a fix for a privilege escalation attack using cross-site scripting (XSS). If you have SQL Server Reporting Services in your environment, please read the bulletin and apply accordingly. At the present time there are no known attacks or publicly released exploits taking advantage of this vulnerability.

 

 


Copyright © 2002-2014 Simple Talk Publishing. All Rights Reserved. Privacy Policy. Terms of Use. Report Abuse.