Admin rights needed to fire up the malware and – hey presto!
Security researchers at ESET have published details of a backdoor into Microsoft's SQL Server via hooks and the splendidly named "magic passwords".
The backdoor, which targets SQL Server 2012 and 2014, has the ability to leave a miscreant with stealthy access to a compromised server and forms part of the arsenal of a malware group dubbed "Winnti" by researchers.
The Register spoke with ESET malware bod Mathieu Tartare about the research and the risk posed by backdoor.
Before any administrators get too panicked, it is important to note that actually getting the backdoor running on a server requires administrative-level privileges. If that's a risk in your organisation, yo ..
Support the originator by clicking the read the rest link below.
