'

Microsoft SQL zero-day adds to IE7 woes

A zero day vulnerability has been reported in Microsoft SQL server.Austrian pen-testing outfit SEC Consult has put out an advisory warning of a limited memory overwrite vulnerability in Microsoft SQL Server.

A zero day vulnerability has been reported in Microsoft SQL server.

Austrian pen-testing outfit SEC Consult has put out an advisory warning of a limited memory overwrite vulnerability in Microsoft SQL Server.

Earlier today I spoke to Bernhard Mueller, the security consultant for SEC Consult who found the vulnerability. He told me that SEC Consult had informed Microsoft of the flaw back in April, but that since September there had been "some communication problems", so SEC Consult had decided the publicise the vulnerability. Microsoft has produced a patch, said Mueller, but has not yet released it.

The flaw could allow a SQL injection attack against websites, and also could allow an attack by an authenticated user, added the consultant.

In the advisory is code that people can use to test if their systems are vulnerable.

Mueller told me that the flaw will "probably be exploited in targeted attacks".

A workaround suggested by Mueller is to remove the sp_replwriterovarbin extended stored procedure, and run: execute dbo.sp_dropextendedproc 'sp_replwritetovarbin' as an administrator.

This is the second Microsoft zero-day vulnerability to be reported this week. An flaw for a heap overflow flaw in the IE7 XML parser was publicised on Thursday.