SQL Server latest vulnerability Solution

SQL server 2000 has many vulnerabilities
Some time ago, my own server experienced a temporary SQL stored procedure vulnerability.
Vulnerability Extension: xp_dirtree Stored Procedure

Beforehand: A recent vulnerability was discovered on the SQL server.
Just a few days ago, nothing happened. I used the SQL injection tool of Alibaba Cloud to inject the website on my server, by accident, we found that mssql can be used to obtain all directories on the server (my server has made security settings, then, a packet capture tool is installed on the server to capture the SQL server packets. The tool is used to connect to the SQL vulnerability xp_dirtree to read the Directory and obtain the entire server directory, for example, listing the directory on drive C will list all the directories on drive C, which is very insecure. Currently, we can only investigate and handle the directory wearing things. You can imagine that, if you want to modify a boot. ini overwrites the boot of drive C. what is the concept of ini? First, it can lead to service paralysis and cannot read the system.
Solution: delete xp_dirtree. The command is sp_dropextendedproc xp_dirtree.
After deleting the preceding component, you are using a d or any SQL injection tool.

Here we also provide you with some other dangerous SQL stored procedures.
Recommended to delete

[Note: All operations to delete the SQL stored procedure must be performed in the mssql query analyzer. Which of the following statements follow the stored procedure name followed by the command to delete the stored procedure?]

I hope to help you. If you have any questions, contact me directly.

First, list dangerous internal storage processes:

Xp_mongoshell	Sp_dropextendedproc xp_cmdshell
Xp_regaddmultistring	Sp_dropextendedproc xp_regaddmultistring
Xp_regdeletekey	Sp_dropextendedproc xp_regdeletekey
Xp_regdeletevalue	Sp_dropextendedproc xp_regdeletevalue
Xp_regenumkeys	Sp_dropextendedproc xp_regenumkeys
Xp_regenumvalues	Sp_dropextendedproc xp_regenumvalues
Xp_regread	Sp_dropextendedproc xp_regread
Xp_regremovemultistring	Sp_dropextendedproc xp_regremovemultistring
Xp_regwrite	Sp_dropextendedproc xp_regwrite

ActiveX script:

Sp_OACreate	Sp_dropextendedproc sp_OACreate
Sp_OADestroy	Sp_dropextendedproc sp_OADestroy
Sp_OAMethod	Sp_dropextendedproc sp_OAMethod
Sp_OAGetProperty	Sp_dropextendedproc sp_OAGetProperty
Sp_OAGetErrorInfo	Sp_dropextendedproc sp_OAGetErrorInfo
Sp_OAStop	Sp_dropextendedproc sp_OAStop

You can go to baidu to download a user's SQL injection.
Most of them now have this vulnerability
This is new
This method was developed by myself and tested successfully on the server.