Microsoft Security Advisory (951306)

Monday Apr 21st 2008 by DatabaseJournal.com Staff

Customers who allow user-provided code to run in an authenticated context, such as within Internet Information Services (IIS) and SQL Server, should review this advisory.

[From Microsoft]

Microsoft is investigating new public reports of a vulnerability which could allow elevation of privilege from authenticated user to LocalSystem, affecting Windows XP Professional Service Pack 2 and all supported versions and editions of Windows Server 2003, Windows Vista, and Windows Server 2008.

The article continues at http://www.microsoft.com/technet/security/advisory/951306.mspx

Mobile Site | Full Site