Database Security
The latest Database Security coverage — news, analysis, and updates from the WindowsNews.AI desk.
SQL Server 2025 Data Leak Fixed in July Patch — But It Could Break Your Linked Servers
Microsoft’s July 14, 2026 security update for SQL Server 2025 closes a buffer over-read that could allow authenticated attackers to read sensitive data, but the patch also carries a known issue...
SQL Server Emergency Update: Fix the 8.8 Flaw, But Stay on Your Servicing Branch
Microsoft has delivered a sweeping set of security updates across every supported SQL Server release, fixing a vulnerability that allows an authenticated attacker with low privileges to seize...
Microsoft Fixes SQL Server Privilege Escalation Bug on 2016's End-of-Support Date
Microsoft's July 14, 2026 Patch Tuesday brought a fix for CVE-2026-55002, an elevation-of-privilege vulnerability in SQL Server that could allow an authenticated local attacker to take full control...
SQL Server 2025 security hardening guide: Step-by-step installation and optimization
Microsoft SQL Server 2025 represents a significant evolution in database management, bringing enhanced security features, improved performance capabilities, and deeper integration with modern cloud...
Step-by-Step SQL Server 2022 Installation on Windows for Beginners
Installing Microsoft SQL Server on Windows can seem daunting for beginners, but with proper preparation and a clear roadmap, you can establish a secure, high-performance database server that serves...
Oracle MySQL CVE-2024-20969: DDL Vulnerability Threatens Database Availability
Oracle's MySQL database management system contains a significant vulnerability that could allow attackers with high-privilege network access to cause sustained outages and potentially compromise data...
Don’t Ignore That Medium Severity: MySQL InnoDB CVE-2025-50096 Can Crash Servers on Demand
Oracle’s July 2025 Critical Patch Update fixed a denial-of-service vulnerability in the InnoDB storage engine of MySQL that, despite its medium CVSS score, can let a high-privileged user repeatedly...
CVE-2025-50092: Patch July 2025 CPU for Medium-Severity MySQL DoS Flaw
Oracle's July 2025 Critical Patch Update revealed a significant security vulnerability in one of the world's most widely used database systems, highlighting the persistent threat landscape facing...
MariaDB DoS flaw CVE-2023-52969 crashes servers via derived table queries.
A critical denial-of-service vulnerability in MariaDB, tracked as CVE-2023-52969, has been identified that allows attackers to crash database servers through specially crafted queries involving...
Microsoft Fixes SQL Server Privilege Escalation Bug: The Real CVE Is 2025-53727, Not 55227
{ "title": "Microsoft Fixes SQL Server Privilege Escalation Bug: The Real CVE Is 2025-53727, Not 55227", "content": "Microsoft has released patches for a critical SQL Server...
Microsoft's SQL Server 2025 RC0 Arrives: Ubuntu 24.04, TLS 1.3, and Docker Caveats
Microsoft has shipped the first public release candidate of SQL Server 2025, delivering two long-awaited changes for teams that mix Windows infrastructure with Linux development: official support for...
Patch Now: SQL Injection Flaw in Microsoft SQL Server Grants Attackers Full Network Privileges
Microsoft has confirmed a high-severity elevation-of-privilege vulnerability tracked as CVE-2025-47954 that affects Microsoft SQL Server, allowing an authenticated attacker to escalate privileges...