Woody Leonhard's no-bull news, tips and help for Windows, Office and more… Please disable your ad blocker – our (polite!) ads help keep AskWoody going!
Home icon Home icon Home icon Email icon RSS icon
  • Patch Lady – SQL patching in August

    Posted on Susan Bradley Comment on the AskWoody Lounge

    Home Forums AskWoody blog Patch Lady – SQL patching in August

    This topic contains 5 replies, has 3 voices, and was last updated by  anonymous 3 weeks, 5 days ago.

    • Author
      Posts
    • #210951 Reply

      Susan Bradley
      AskWoody MVP

      I’ve seen this come up a bit in forums and other venues: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8273 In that post
      [See the full post at: Patch Lady – SQL patching in August]

      Susan Bradley Patch Lady

      5 users thanked author for this post.
    • #211004 Reply

      MikeFromMarkham
      AskWoody Lounger

      Going to need a very-wide-screen monitor to display Pinnochio’s nose properly if this keeps happening.

      1 user thanked author for this post.
      • #211008 Reply

        anonymous

        The nose might be so long that Pinocchio’s head will be tilted downward.

    • #211019 Reply

      anonymous

      As an MS SQL DBA for many years I would expect that this was discovered in the cloud as there is no acknowledgment by an individual or group.

      Also with the rapid updating of SQL 2014/2016/2017 builds it shows something when the released updates appear to be this one fix added to the latest Cumulative Update. This means that it has been discovered and patched quickly. The next 2017 CU would normally be the week after Patch Tuesday. As always the SQL team offer little information when a security fix comes out.

      I doubt that it is also in SQL 2014 as it would have a been referenced.

      • #211681 Reply

        anonymous

        Beware the 2006 SP2 CU build 5161 has now been disabled because they left some unwanted bits in the released build. See https://blogs.msdn.microsoft.com/sqlreleaseservices/issue-with-security-update-for-the-remote-code-execution-vulnerability-in-sql-server-2016-sp2-cu-august-14-2018/

        1 user thanked author for this post.
    • #213703 Reply

      anonymous

      Just to prove that this doesn’t affect SQL 2014 the latest 2014 SP2 CU came out without any reference to the critical bug.

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Patch Lady – SQL patching in August

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.

    Your information:


    Comments are closed.