Question:New malware has recently been discovered that can create a backdoor to Microsoft SQL 11 (SQL Server 2012) or Microsoft SQL 12 (SQL Server 2014) Servers. This malware is known as Skip-2.0. Centrify relies on Microsoft SQL for its DirectAudit database as well as Reporting Services and Access Manager. What is the impact of this malware on Centrify?
Answer:Centrify's engineering teams have reviewed the documentation around this malware and has found that Centrify's code is not vulnerable to this exploit. Also, Centrify no longer ships Microsoft SQL 11 or 12 in any of their current packages. Centrify recommends that customers still using SQL 11 or 12 upgrade to SQL Server 2016 as soon as possible to minimize risks to their databases. However, customers may need to contact Microsoft for any licensing questions or issues regarding a SQL upgrade.
More information about this malware can be found here:
https://www.bleepingcomputer.com/news/security/chinese-hackers-use-new-malware-to-backdoor-microsoft-sql-servers/
https://www.welivesecurity.com/2019/10/21/winnti-group-skip2-0-microsoft-sql-server-backdoor/