SQL Server Archives

SQL Server malware “MrbMiner” attacks

Cloud Security, Cybersecurity Attacks, Malware, Network Security / By Frank Crast / January 25, 2021 February 1, 2021 /

Security researchers have identified the source of a SQL Server malware “MrbMiner” attacks allegedly tied to an Iranian software firm.

Tags: Cryptocurrency, Cryptomining, Database, MrbMiner, SQL Server

Microsoft January 2021 Security Updates (to include zero-day RCE patch)

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / January 13, 2021 January 13, 2021 /

Microsoft has released the January 2021 Security updates that includes patches for 83 vulnerabilities, 10 of those rated Critical and 1 zero-day RCE vulnerability CVE-2021-1647 in Microsoft Defender.

Tags: .NET, ASP.NET, Azure, CVE-2021-1643, CVE-2021-1647, CVE-2021-1658, CVE-2021-1660, CVE-2021-1665, CVE-2021-1666, CVE-2021-1667, CVE-2021-1668, CVE-2021-1673, CVE-2021-1705, Edge, Malware Protection Engine, Microsoft Edge, Microsoft Office, Microsoft Windows, SQL Server, Visual Studio, Windows

Microsoft September 2020 Security and Adobe Updates

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / September 9, 2020 September 9, 2020 /

Microsoft has released the September 2020 Security updates that includes patches for 129 vulnerabilities, 24 of them rated Critical. Adobe also released updates for Experience Manager, Framemaker and InDesign.

Tags: ASP.NET, Azure DevOps, ChakraCore, CVE-2020-0878, CVE-2020-0908, CVE-2020-0922, CVE-2020-0997, CVE-2020-1057, CVE-2020-1129, CVE-2020-1172, CVE-2020-1182, CVE-2020-1200, CVE-2020-1210, CVE-2020-1252, CVE-2020-1285, CVE-2020-1319, CVE-2020-1452, CVE-2020-1453, CVE-2020-1460, CVE-2020-1508, CVE-2020-1576, CVE-2020-1593, CVE-2020-1595, CVE-2020-16857, CVE-2020-16862, CVE-2020-16874, CVE-2020-16875, Edge, Exchange Server, Internet Explorer, Microsoft Dynamics, Microsoft JET Database Engine, Microsoft Office, OneDrive, SQL Server, Visual Studio, Windows

Microsoft August 2020 Security and Adobe Updates

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / August 12, 2020 September 24, 2020 /

Microsoft has released August 2020 Security updates, that includes a patch for an actively attacked memory corruption vulnerability (CVE-2020-1380) in the Scripting Engine. Adobe also released updates for Adobe Acrobat and Reader, as well as Lightroom.

Tags: .NET Frame, .NET Framework, Acrobat, ASP.NET, ChakraCore, codecs, CVE-2020-1380, Edge, Internet Explorer, Microsoft, Office, SQL Server, Windows

Microsoft February 2020 Security Updates (includes IE zero-day fix)

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / By Frank Crast / February 11, 2020 September 15, 2020 /

Microsoft issued the February 2020 Security Updates that include 101 unique vulnerability fixes, 13 of those rated critical. The update also includes a patch for an IE zero-day scripting engine vulnerability CVE-2020-0674 disclosed in January.

Tags: ChakraCore, CVE-2020-0674, Edge, Exchange Server, Microsoft, SQL Server, Surface, Surface Hub, Windows

Microsoft December 2019 Security Updates (includes fix for one active exploit)

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / December 11, 2019 December 13, 2019 /

Microsoft issued the December 2019 Security Updates that include 36 unique vulnerability fixes, 7 of those rated critical and 29 rated important. One of the patches addresses a Win32k vulnerability under active attack in the wild.

Tags: Internet Explorer, Microsoft, Skype, SQL Server, Visual Studio, Windows

Microsoft August 2018 patch updates

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / August 15, 2018 October 9, 2019 /

Microsoft issued the August 2018 Security Updates that include over 60 unique vulnerability fixes, 19 of them rated critical and two zero days actively exploited.

Tags: .NET, Edge, Exchange, Microsoft, Office, SQL Server, Windows