SQL Server has come a long way in the past 5 years, though the history seems to linger. Let's look at the recent history and see what the story is with database vulnerabilities.

MS SQL Server is by far the most common DBMS that attackers target, probably due to its tight integration with Windows. Brute-force credential guessing attacks against database servers are ramping ...

The new ledger feature in SQL Server 2022 provides blockchain-based security to ensure data isn't tampered with. The ability to cryptographically guarantee the integrity of data is especially useful ...

Idera, a leading provider of management and administration solutions for Microsoft Windows Servers, has announced SQLsecure 2.5, a security analysis solution that helps database administrators (DBAs) ...

IDERA, a provider of database productivity tools, has announced the latest release of its flagship SQL Compliance Manager product. Version 5.6 features new reports and log files that increase ...

Next, the attackers attempted to exploit the cloud identity of the SQL Server instance to access the IMDS (Instant Metadata Service) and obtain the cloud identity access key.

The appeal of cost savings in moving SQL server farms to the cloud as part of this modernization cannot be overstated. Cloud giants like Azure, AWS, GCP and Snowflake offer attractive pricing ...

While not listed as critical, CVE-2025-49719 is a publicly disclosed information disclosure vulnerability, with all versions as far back as SQL Server 2016 receiving patches.