Microsoft warns users of a serious bug in its database software that could be exploited. The bug lies in a stored procedure called “sp_replwritetovarbin,” which is used by Microsoft’s software when it replicates database transactions. Microsoft issued a security advisory late Monday, saying the bug could be used to run unauthorized software on systems running versions of Microsoft SQL Server 2000 and SQL Server 2005. This is the third serious bug to be disclosed in the past month, but it is unlikely to be used in widespread attacks.”]
Source: https://www.csoonline.com/article/2123591/microsoft-warns-of-sql-attack.html