Paul Duffett – Me, myself and MS SQL Server

The ramblings of a mad man

SQL Server security bulletins

with 2 comments

You’ve no doubt seen the security bulletins issued by Microsoft over the last few months and if, like me, you’ve had to apply them to your SQL Server estate you may well have had some cause for confusion.

I’ve been testing, re-testing and testing just a little bit more, all of the KB’s that I have to deploy and I’ve started rolling them out onto our production boxes. But how do you know which KB you need to apply to your SQL instance? Well it is actually explained on the Microsoft site but I’ve got a very quick “at a glance” version, which is the reason for this post.

This is my crib-sheet for security bulletin MS08-040

SQL Server Major Release SQL Server 7.0 and MSDE 1.0 SQL Server 2000 GDR and MSDE 2000 SQL Server 2000 QFE and MSDE 2000 SQL Server 2005 GDR SQL Server 2005 QFE
SQL Server Build Range 7.00.1063-7.00.1151 8.00.2039-8.00.2049 8.00.2148-8.00.2272 9.00.3042-9.00.3067 9.00.3150-9.00.3230
Patch To Apply KB948113 KB948110 KB948111 KB948109 KB948108
           
New Build Number 7.00.1152 8.00.2050 8.00.2273 9.00.3068 9.00.3233

MS08-052 Security bulletin crib sheet to follow soon….

Enjoy

PD

Written by paulduffett

September 29, 2008 at 1:27 pm

Posted in Uncategorized

«
»

2 Responses

Subscribe to comments with RSS.

  1. Paul:

    The way that I interpret .2250 vs. .2273 is that unless you need to apply every hotfix (and have integration/regression tested) from sp4 to .2273, the only logical choice is to pick .2050 from sp4 and stop right there! Microsoft seems very cavalier about upgrading right from 8.00.2039 to 8.00.2273, but from my experience, I am recommending to my client to go to .2050 and stop!

    Does my stubborn and conservative position have merit?

    Thanks,

    Don

    Don Cavin

    October 6, 2008 at 12:54 pm

  2. Hi Don,

    Thanks for your comments, it’s good to know that someone is actually reading this stuff. You’re quite right that you can just go with SP4 and leave it at 2050, that’s the GDR approach and we’ve gone with that on our new builds. The problem is when you’ve got existing boxes at a higher patch leve. In our case we were putting 2187 on our boxes to fix a particular issue (which escapes me at this moment in time) so we had no choice but to go up to build level 2273.

    So in short, yes, new builds should be SP4 + 2050.

    Hope that makes sense
    Paul

    paulduffett

    October 8, 2008 at 4:46 pm


Leave a Reply