Vulnerability: Microsoft SQL Server

CERT says it has received reports of systems being compromised through automated exploitation of null or weak default sa passwords in Microsoft SQL Server and Microsoft Data Engine.

This activity is accompanied by high volumes of scanning, and could be related to recently discovered self-propagating malicious code, such as Spida, SQLsnake, and Digispid.

More information on the vulnerabilities is available on the CERT web site:

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about CERT AustraliaMicrosoft

Show Comments