Support
Microsoft MSDE Security Update
Microsoft has recently announced the availability of patches to address security issues with the Microsoft Desktop Engine (MSDE). Journyx provides MSDE with Timesheet 5.0 for Windows, therefore our customers should be aware of this situation, which also affects Microsoft SQL Server 2000.
Update: Journyx has researched the MSDE/SP2 upgrade process and has developed a document to guide you through this procedure: Upgrading Journyx Timesheet 5.0 Internal Database to Service Pack 2
Please Note: The suggested fixes require that you update your MSDE installation using SQL Server 2000 Service Pack 2 before applying the patches.
From The Microsoft Website
- Microsoft Security Bulletin MS02-038
Unchecked Buffer in SQL Server 2000 Utilities Could Allow Code Execution (Q316333)
Originally posted: July 24, 2002
Summary
Who should read this bulletin: System administrators using Microsoft® SQL ServerTM 2000 and Microsoft Desktop Engine 2000.
Impact of vulnerability: Two vulnerabilities, both of which could enable an attacker to run code on the server.
Maximum Severity Rating: Moderate
Recommendation: System administrators should consider installing the patch.
Affected Software:
- Microsoft SQL Server 2000.
- Microsoft Desktop Engine (MSDE) 2000
- Microsoft Security Bulletin MS02-039
Buffer Overruns in SQL Server 2000 Resolution Service Could Enable Code Execution (Q323875)
Originally posted: July 24, 2002
Summary
Who should read this bulletin: System administrators using Microsoft® SQL ServerTM 2000 and Microsoft Desktop Engine 2000.
Impact of vulnerability: Three vulnerabilities, the most serious of which could enable an attacker to gain control over an affected server.
Maximum Severity Rating: Critical
Recommendation: System administrators should install the patch immediately.
Affected Software:- Microsoft SQL Server 2000
- Microsoft Desktop Engine (MSDE) 2000
