And again…

Here’s yet another story of yet another Microsoft hole being exploited. This time it’s in their SQL Server product. Seems like there are more exploits being – well – exploited than in something that’s extremely exploitable.

Microsoft is now warning users of a serious bug in its SQL Server database software, just days after patching a critical flaw in its Internet Explorer browser

However, for me, the most telling comment of this – yet another – security hole in Microsoft’s code was the last sentence on Techworld’s article:

It was publicly disclosed on 9 December by SEC Consult Vulnerability Lab, which said it had notified Microsoft of the issue in April.

See that? M$ were informed back in April. Somehow I don’t think the FOSS community would wait that long to fix a major security hole in a very widespread product. Do you?

(Thanks to Techworld for keeping us abreast of these important news items)

Tags: , ,


Leave a Reply

XHTML: You can use these tags:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>