NEWS FROM THE LAB - Wednesday, July 9, 2008

DNS and SQL Updates
Posted by Sean @ 16:22 GMT

Microsoft released four security updates yesterday.

July Updates

The DNS update is noteworthy as it's part of a significant multi-vendor effort. There will be lots of patching going on as a result.

The MS08-037 update reportedly conflicts with ZoneAlarm's firewall software. Proceed with caution if you have ZA installed.

All of this month's updates are rated as important.

The SQL update is of interest to us, given the recent SQL Security Advisory and the rise in mass SQL injection attacks.

Microsoft is working to secure SQL servers. Clearly there's a group of bad guys focused on SQL.

How could an attacker exploit the patched vulnerabilities?

An authenticated attacker could create INSERT statements that cause a buffer overrun, corrupting memory in such a way as to allow code execution. And INSERT statements are easy to issue through SQL injection if the application code doesn't sanitize its input properly.
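Because injected INSERT statements are the route from a web form to the patched code, it is worth checking web server logs for them while the update rolls out. The following is an added example, not code from this post or from Microsoft: a small Python triage script that decodes request query strings and flags an INSERT appended after a terminator, quote or parenthesis. The log layout, sample lines and function names are constructed for illustration.

```python
import re
from urllib.parse import unquote_plus

# Constructed log lines (method, path, query, status); not real traffic.
SAMPLE_LOG = """\
GET /news.asp id=42 200
GET /news.asp id=42;INSERT+INTO+comments(body)+VALUES('x')-- 200
GET /search.asp q=how+to+insert+into+a+table 200
POST /item.asp id=7%3B%20insert%20into%20audit%20values(1) 500
GET /item.asp id=7%253Binsert%2520into%2520t%2520values(1) 200
"""

# A statement terminator, quote or closing paren followed by INSERT INTO is
# the shape of a write statement appended to a query by injection.
STACKED_INSERT = re.compile(r"[;')]\s*insert\s+into\b", re.IGNORECASE)


def decode_fully(value, max_rounds=3):
    """URL-decode repeatedly so double-encoded parameters are normalised."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value


def find_stacked_inserts(log_text):
    """Return (line_no, path, decoded_query) for requests carrying an appended INSERT."""
    hits = []
    for line_no, line in enumerate(log_text.splitlines(), start=1):
        parts = line.split()
        if len(parts) != 4:
            continue  # skip lines that do not fit the assumed layout
        _method, path, query, _status = parts
        decoded = decode_fully(query)
        if STACKED_INSERT.search(decoded):
            hits.append((line_no, path, decoded))
    return hits


if __name__ == "__main__":
    for line_no, path, query in find_stacked_inserts(SAMPLE_LOG):
        print(f"line {line_no}: {path} ?{query}")
```

A hit marks a page whose parameters deserve a code review; the search phrase on line 3 of the sample is deliberately left unflagged because nothing precedes its "insert into" that would end the original query.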

We recommend that you try out the free HP Scrawlr and UrlScan tools mentioned in the SQL advisory and apply the SQL update to your servers.

Update: The Microsoft Security Response Center (MSRC) has a revision for MS08-037.