Ny säkerhetsuppdatering för Analysis Services 2017

Oopps! Upgrade your browser pretty please. Oopps! Upgrade your browser pretty please.

Det finns en ny säkerhetsuppdatering från Microsoft som täpper till ett säkerhetshål i SSAS 2017.

Microsoft beskriver problemet så här:

“There is a potential leak of restricted data that is not protected correctly by the Object-Level Security (OLS) system in Microsoft SQL Server 2017 Analysis Services. The OLS system does not restrict access to data and metadata correctly in cases in which a measure that is defined in a query has a reference to a secured column or table. For this reason, the restricted data is exposed. Because of this vulnerability, a user can bypass the protection and get access to the restricted data”

Säkerhetsuppdateringen finns att hämta här och den gäller för SQL 2017 och SQL 2017 CU14.