Microsoft confirms critical SQL Server vulnerability
Microsoft late Monday issued a pre-patch advisory confirming a remote code execution vulnerability affecting its SQL Server line.The vulnerability, publicly disclosed with exploit code more than two weeks ago, affects Microsoft SQL Server 2000, Microsoft SQL Server 2005, Microsoft SQL Server 2005 Express Edition, Microsoft SQL Server 2000 Desktop Engine (MSDE 2000), Microsoft SQL Server 2000 Desktop Engine (WMSDE), and Windows Internal Database (WYukon).