Now all hosting companies offering IIS and SQL Server on Windows XP, 2003, Vista, and Server 2008 must watch out for a vulnerability allowing local users to raise his privilege level.

Microsoft stated in their advisory:

Hosting providers may be at increased risk from this elevation of privilege vulnerability.

But no explanation was provided.

Since IIS is a popular platform for may web hosting companies we may see targetted attacks on hosting companies (and their clients web sites) . If you work for or run your own hosting company you may have to keep an eye on your SQL server.

Read more at McAfee AVERT Labs Blog.

Popularity: 24% [?]