This article is a follow-up to SQL Server DBaaS Vulnerability: Decrypting System Code & Exfiltrating User Data, in which we saw some vulnerabilities that affected pretty much all DBaaS offerings available in the cloud. Now, we’ll look at another vulnerability that once again affects every major cloud vendor.
In this article, I’ll demonstrate how SQL Server’s own internal optimization mechanisms – specifically those tied to Date Correlation Optimization (DCO) – can be manipulated to carry malicious logic across restore operations.
Back in 2009, I wrote my first two Simple Talk articles all about the feature we’ll explore today. Take