Security overhaul to postpone SQL server
An upgrade to SQL Server, code-named Yukon, will be delayed from late this year to early next year, said company officials here last week, to build more security features into the database. According to the officials, Microsoft pulled its 1,000-person development team off the latest SQL Server database earlier this year to focus solely on security for three months.
SQL Server users said Microsoft's new focus on security is much-needed, as databases are increasingly open to users outside a company's firewall through the Web. SQL Server has become a common target for hackers because of its increasing use, particularly among smaller companies that might lack in-house security expertise, said Ron Talmage, an independent SQL Server consultant and owner of Prospice LLC, in Seattle. "[Microsoft] didn't have any choice but to focus on security," Talmage said. "It's no longer just an irritation; it's a necessity."
[ Read more ]
- Article: Threat Profiling Microsoft SQL Server (3 September 2002)
- Article: Microsoft SQL Server Passwords (Cracking the password hashes) (10 July 2002)
- Article: (more) Advanced SQL Injection (3 July 2002)
- Article: Violating Database - Enforced Security Mechanisms (28 June 2002)