Database Security
The latest Database Security coverage — news, analysis, and updates from the WindowsNews.AI desk.
Critical Flaw in Microsoft SQL Server Opens Door to Remote Code Execution
Critical Flaw in Microsoft SQL Server Opens Door to Remote Code Execution A critical heap-based buffer overflow vulnerability, identified as CVE-2025-49717, has been discovered in Microsoft SQL...
PingCAP and Azure Launch TiDB Cloud Dedicated: Revolutionizing Distributed SQL for Enterprises
The recent partnership between PingCAP and Microsoft Azure has introduced TiDB Cloud Dedicated, a game-changing solution for enterprises needing scalable, distributed SQL databases. This managed...
Massive Data Breach Exposes 184M Records: What Windows Users Need to Know
A staggering 184 million user records have been exposed in one of the largest data breaches in recent history, affecting major tech platforms including Apple, Google, Meta, Microsoft, Instagram, and...
Exfiltration by Admin Tool: How Attackers Weaponize DBeaver, Navicat, and sqlcmd
Attackers are ditching custom malware in favor of something far stealthier: the database management tools your IT team uses every day. Recent incident response investigations reveal a disturbing...
Oracle TNS Flaw CVE-2025-30733: Memory Leak Exposes Sensitive Data Over Network Without Authentication
Oracle's April 2025 Critical Patch Update fixes a startling memory leak in the Transparent Network Substrate (TNS) listener that can spill sensitive system data to unauthenticated remote users....
SQL Server 2025 Preview: Integrating AI, Enhancing Performance, and Advancing Hybrid Data Solutions
Introduction Microsoft has officially unveiled the public preview of SQL Server 2025 at Microsoft Build, marking a significant advancement in database technology. This latest iteration introduces a...
SQL Server 2025 preview adds native AI and cloud tools for developers
Introduction Microsoft has unveiled the public preview of SQL Server 2025, marking a significant evolution in enterprise data management. This release introduces native AI capabilities, enhanced...
Devart's dbForge 7.1 Launches Full Support for SQL Server 2025 and SSMS 21 Preview
Introduction In April 2025, Devart, a prominent developer of database management software, announced the release of dbForge Tools for SQL Server version 7.1. This update introduces full compatibility...
Siemens TeleControl Server Basic SQL Injection Flaws: Urgent Patch Needed for ICS Security
In a stark reminder of the ever-looming threats to critical infrastructure, Siemens has issued an urgent security advisory regarding multiple SQL injection vulnerabilities in its TeleControl Server...
Microsoft Releases Urgent Patch for Critical Access Use-After-Free Flaw
CVE-2025-26630: Understanding the Use-After-Free Vulnerability in Microsoft Access Microsoft Access users face a new security threat with the discovery of CVE-2025-26630, a critical use-after-free...
Patched CVE-2024-49006 in SQL Server Native Client enables unauthenticated RCE on 2012-2019 builds.
A newly disclosed critical vulnerability in Microsoft's SQL Server Native Client, identified as CVE-2024-49006, has sent shockwaves through enterprise security teams worldwide, exposing countless...
Critical CVE-2024-37318 Vulnerability in Microsoft SQL Server Native Client OLE DB Provider Exposes Systems to RCE
A critical vulnerability designated as CVE-2024-37318 has surfaced in Microsoft's SQL Server Native Client OLE DB Provider, exposing enterprise database systems to potential remote code execution...