Security updates for SQL server

  • I recently see there are some GRD for SQL server updates 2019.  And it comes to our windows update list.- Security updates for SQL server 2019 GRD....

    What is the GRD comparing with SQL server CU?

    I usually run CU manually.

    Is it safe to just let the GRD runs automatically like other windows update patches during our maintenance outage time?

    See below:

    Capture

  • Hi,

    GDR (General Distribution Release) will not include previous all CU's (Cumulative Update) but CU's will include all previous fixes.

    So it means its possible to use some security update, when you dont want use some CU due to some reasons.

    Thanks

  • Thanks, not sure what this means: Quote: "So it means its possible to use some security update, when you dont want use some CU due to some reasons."

    We have something like below that shows in windows update, is it safe just like it automatically run like other windows updates? I usually run CU manually, but this is security update, I think it can be automatically run like other windows security update does.

    Capture

    • This reply was modified 1 year, 9 months ago by  sqlfriend.
  • Treat it like a CU.

     

    A GDR fixes CVEs with the product.

     

    You plan and prepare for installing it the same way in which you would a CU, the installation process is exactly the same.

  • Thank you , what is CVE?

    And I also read this article https://www.sqltattoo.com/blog/2021/01/sql-server-patching-gdr-vs-cu/

    Quote:

    caution: When you start clean from a baseline you can apply GDR or CU as it fits your policy or planning. If you want to keep deploying only GDRs, intentionally, then you should not deploy any CU. This change from GDR can happen only ONCE and then you are on the CU-side of things.

    This statement confused me, could you explain what it means? does it mean because we applied CU before, we should not use GDR?

    We have applied Some CU for SQL 2019. and now our windows update admin found the below Security patches for SQL server and asked if it can be added to windows update list that automtic runs for dev, test environment.

    Capture

    Thank you!

Viewing 5 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic. Login to reply