Want relief keeping up with product patching, upgrades, and more?  Learn how our Managed Services for law firms can help you.

Microsoft ODBC Driver Remote Code Execution Vulnerability

March 2024

Cornerstone.IT Gold Microsoft Partner

Patch and update available from Microsoft.

Identified Vulnerabilities

An authenticated victim who is connected to the network must be tricked or persuaded to connect to a malicious SQL database using their SQL client application. After the connection is made, the server can send specially crafted replies to the client that exploit the vulnerability and permit execution of arbitrary code within the context of the user’s SQL client application.

Patch and Upgrade Available

Microsoft issued official patch/upgrade in their Security Update Guide.


Contact Cornerstone.IT for assistance with this or any other technology or security needs.