1. Welcome Guest! In order to create a new topic or reply to an existing one, you must register first. It is easy and free. Click here to sign up now!.
    Dismiss Notice

MS14-044 - Important: Vulnerabilities in SQL Server Could Allow Elevation of Privilege...

Discussion in 'Security Updates' started by Microsoft Security, Aug 12, 2014.

  1. Microsoft Security

    Microsoft Security Guest

    Severity Rating: Important
    Revision Note: V1.0 (August 12, 2014): Bulletin published.
    Summary: This security update resolves two privately reported vulnerabilities in Microsoft SQL Server (one in SQL Server Master Data Services and the other in the SQL Server relational database management system). The more severe of these vulnerabilities, affecting SQL Server Master Data Services, could allow elevation of privilege if a user visits a specially crafted website that injects a client-side script into the user's instance of Internet Explorer. In all cases, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email message or in an Instant Messenger message that takes them to the attacker's website, or by getting them to open an attachment sent through email.

    View the full article
     
    Microsoft Security, Aug 12, 2014
    #1

Share This Page