Skip to main content

Security Update for SQL Server

This month Microsoft released a rare patch for SQL Server. A Security Update to fix venerability within Reporting Services.

We'd urge you to check the bulletin list of susceptible candidate versions of SQL Server. Rather, since there are so many versions susceptible, scroll to the list of non-affected versions. If your install is listed here, breath easy. If not, this update's for you.

I installed and function tested the update on SQL 2008. It's straightforward and SQL Server needs a re-start to kick it in, which means an outage if you're applying this to a core business server.

This patch covers a venerability in Reporting Services. Through this loop-hole malicious code could elevate access privileges and gain control and cause some damage. The malicious code could be planted on a web site or in an advertisement. Looking innocent enough, it's the sort of thing anybody could trigger.

The link between an external web site or advertisement and your internal SQL Server is not spelled out in the MS documentation. However, Microsoft give this an "Important" rating, which means they know the threat exists. The patch software targets Reporting Services components, which implies; an environment with web based interfaces to Reporting Services would be at-risk.


Link to: Security Bulletin

Link to: Security Update


Securely yours,
Pete Q


Popular

Online Legal Service Conference - Sydney 2014

I recently presented at this conference held in Sydney. The day before I had been at a briefing by MobileIron on their security technologies for Mobile devices. It was interesting to hear both sides of the mobile security argument.

I am here today as both an observer and a participant in global legal services. I am the CEO of Timeframe a consulting firm based in both the USA and Australia.

My story used to be an exception in law, someone trying to bridge two very different cultures, this is no longer the case.

So the US, UK and Australia. Who is leading? All of them! It depends on the question.

I was in Perth earlier. One of the cities that we are told missed the GFC, and yet it is the most expensive city in the world outside Scandinavia to live in. Moody's recently reported Perth has the postcode with the nation's highest mortgage delinquency rate. And so we have a tale of two economies.

A similar story is unfolding for legal services practitioners. Major clients are no lon…

Smarter eCommerce mailouts - Opening up Retail Express to Mailchimp

Translator for MailChimp
Currently the sources used for email marketing include Shopify, Retail Express MailChimp, other mail applications such as Outlook groups and CRM systems like Insightly. Would it be nice to have ONE list?

·Seamless and Simple without end user intervention
The Translator for MailChimp means one centralised mailing list, providing centralized reporting and results. We can run tight campaigns and then report and measure the success of the campaign. Both with clicks and reads AND sales.

This is all done using the categories that you understand and value.


For more information please contact us at info@translatorhq.com.au