Wednesday, March 28, 2012

Microsoft Search service vulnerabilities

I am working on a "best practices" document for my company and came across
the suggestion to disable any unnecessary SQL Server services. We do not us
e
full-text search so we have no need for the service. However, I would like
to be able to provide reasons why this service should be disabled. I've
searched for vulnerabilites related to the Microsoft Search service and have
come up empty. Does anyone know of any vulnerabilities?
Thanks!I'm not aware of any vulnerabilities but it's still a good idea to shut it
down if you know you are not going to use it. That way, if someone comes up
with an attack later, you aren't at risk. Reducing the surface that an
attacker can attack to only what's required is always a good idea.
This posting is provided "AS IS" with no warranties, and confers no rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm
"cltdba" <cltdba@.discussions.microsoft.com> wrote in message
news:14FA55C3-C274-458F-B7A8-ABB90EAD3E2C@.microsoft.com...
>I am working on a "best practices" document for my company and came across
> the suggestion to disable any unnecessary SQL Server services. We do not
> use
> full-text search so we have no need for the service. However, I would
> like
> to be able to provide reasons why this service should be disabled. I've
> searched for vulnerabilites related to the Microsoft Search service and
> have
> come up empty. Does anyone know of any vulnerabilities?
> Thanks!

No comments:

Post a Comment