Security gap in all Microsoft SQL Servers (kb2475)

The information in this article applies to:

  • Microsoft Database Engine 2000
  • Microsoft Database Engine 1.0
  • Microsoft SQL Server 2000
  • Microsoft SQL Server 7.0
  • SwyxWare all versions

[ Information | Links ]


Microsoft has reported severe security gaps in all their SQL Server Versions and has released a patch for them.

Swyx strongly recommends to install this patch on SwyxServer machines having installed the MSDE or an SQL Server. The patch can be downloaded from the Microsoft Security Bulletin being linked in the References section of this article. If you have installed the Database from the SwyxWare CD (MSDE) you need to download and install the patch for Microsoft SQL Server 7.0 (English).

The patch eliminates the following three problems:

  • Named Pipe Hijacking
  • Named Pipe Denial of Service
  • SQL Server Buffer Overun

More Details can be found in the Microsoft Security Bulletin.


Before installing the patch you need to install the SQL Server 7 Service Pack 4 which can be found on the SwyxWare CD


or from the Microsoft Webpages.


This article describes how to obtain the version of the currently installed SQL-Server / MSDE:


As far as software supplied or used by us, includes open source elements the additional terms under apply in addition. An overview which products from the Swyx portfolio include open source elements and which open source license is relevant can be found under

The third-party contact information included in this article is provided to help you find the technical support you need. This contact information is subject to change without notice. Swyx in no way guarantees the accuracy of this third-party contact information nor is responsible for it's content.


Comment on this article

If we have any follow-up questions, where can we contact you?

E-Mail Address (optional)


This feedback form can't be used for support requests. Those requests must be directed to your Swyx reseller or distributor.