Why has NIST provided so much information regarding the installation of MSDE as a part of ASSET?
Vulnerabilities exist in all software and are reported in a number of publicly accessible databases (i.e. http://icat.nist.gov). It is essential that all users of software recognize these vulnerabilities and apply any mitigating procedures or patches. NIST recognizes and has validated reports of the vulnerabilities inherent in all software, including MSDE. Since ASSET uses MSDE as its database engine, it was important to describe the mitigation process to all users of ASSET. The mitigation procedures that have been provided in the ASSET User Manual will establish a very high level of security for ASSET. Additionally, the MSDE mitigation procedures that NIST has provided are applicable to other products using MSDE as well.
