Technical Information

Brief overview of the risk:
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when parsing a malicious XEL file containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity declaration.

Detailed Information on the risk:
To exploit the vulnerability, an attacker must entice a user on an affected SSMS server to open a specially crafted XEL file. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and then convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file designed to exploit the vulnerability.

Further information on this exploit is available at : CVE-2018-8527