How to (Somewhat) Increase SQL Server Security


Some time ago Argenis Fernandez(@DBArgenis) found and described a vulnerability that allows you to get into SQL Server with ‘sa’ rights. This method does not require a restart of the SQL Server service or the whole machine, the condition is a local administrator account on the server.


SQL Server until 2008R2: Until SQL 2008R2, gaining access was easy because the database engine installer added an ‘NT AUTHORITY’ account to the engine by default and gave it sysadmin privileges. All you had to do was run a console on the server with elevated privileges, from there run PsExec.exe(from the SysInternals