News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Running a SQL Server? Heads up! You need to install this month’s patches quickly

    Home Forums AskWoody blog Running a SQL Server? Heads up! You need to install this month’s patches quickly

    Viewing 4 reply threads
    • Author
      Posts
      • #2152849 Reply
        woody
        Da Boss

        I just saw a notification that the SQL Server security hole known as CVE-2020-0618 has been cracked. Per Kevin Beaumont: Ah bums, there’s an exploit f
        [See the full post at: Running a SQL Server? Heads up! You need to install this month’s patches quickly]

        2 users thanked author for this post.
      • #2152866 Reply
        StoopidMonkey
        AskWoody Plus

        Dang! How are the rest of the February patches looking from a DEFCON standpoint? If I’m rolling out to our business critical servers it’d be convenient to approve the whole set if the green light is coming.

        • #2152931 Reply
          woody
          Da Boss

          Follow @b‘s advice below.

          So far the major Feb patch problems are from the one that was yanked (more about that later) and the infernal race condition that causes the Feb Win10 1903/1909 cumulative update to resurface with a temporary profile.

          1 user thanked author for this post.
      • #2152882 Reply
        techweenie
        AskWoody Lounger

        So which patch or set of patches address this issue specifically?  You’ve been posting about all the bugs with this months patches so I don’t want to create more problems than I solve.

      • #2152900 Reply
        b
        AskWoody Plus

        There are five different updates depending on the version number of SQL Server.

        Check the current SQL Server version number in the table: CVE-2020-0618 FAQ

        Then download/install the appropriate update: CVE-2020-0618 Security Updates

        Windows 10 Pro Version 2004: Group ASAP (chump/pioneer)

        • This reply was modified 1 month, 2 weeks ago by b.
        2 users thanked author for this post.
      • #2152949 Reply
        ChrisAVWood
        AskWoody Plus

        As a SQL DBA this is not good news. For SQL 2012/2014 the fixes could well be the last publicly released builds but SQL 2016 is expecting a Cumulative Update any day soon that should also include this fix.

        1 user thanked author for this post.
    Viewing 4 reply threads

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Running a SQL Server? Heads up! You need to install this month’s patches quickly

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.