KLA11310
ACE vulnerability in Microsoft SQL Server
Обновлено: 26/06/2019
Дата обнаружения
14/08/2018
Уровень угрозы
Critical
Описание

A buffer overflow vulnerability was found in Microsoft SQL Server. Malicious users can exploit this vulnerability via specially crafted query to execute arbitrary code.

Пораженные продукты

Microsoft SQL Server 2016 for x64-based Systems Service Pack 1
Microsoft SQL Server 2016 for x64-based Systems Service Pack 1 (CU)
Microsoft SQL Server 2016 for x64-based Systems Service Pack 2
Microsoft SQL Server 2016 for x64-based Systems Service Pack 2 (CU)
Microsoft SQL Server 2017 for x64-based Systems
Microsoft SQL Server 2017 for x64-based Systems (CU)

Решение

nstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2018-8273
Оказываемое влияние
?
ACE 
[?]
Связанные продукты
Microsoft SQL Server
CVE-IDS
CVE-2018-82739.8Critical
KB list

4293808
4293805
4293802
4293803
4458621
4458842

Microsoft official advisories
Microsoft Security Update Guide