wish to know more about type of security/bug - patch/fix release for sql server

  • Hi Guys,

    Am new to this. Need u guys help on this.

    1. Does SQL Server Service Pack consists of security fixes or only bug fixes?

    Do u guys apply it asap upon release or only apply it only when the existing service pack is reaching EOS?

    2. Other than service pack, do Microsoft release scheduled monthly SQL Server patch? If yes, does it consists of only security or also bug fixes? I suppose is the subset of service pack?

    3. Any other kind of patches release for SQL Server?

    Many thanks

  • You have RTM, SP and CU's in SQL.

    The RTM is the first release which is ready to manufacture / market (forget the actual term), then MS release CU's (cumulative updates), then there will be a SP (service pack) then more CU's another SP, more CU's etc.

    Keep your eye on this URL http://sqlserverbuilds.blogspot.co.uk/ it will tell you when there is a new CU or SP out and will provide links to the download pages, where you can read more about what is actually fixed in that particular CU or SP.

  • thanks. How about security fix? Does Microsoft release monthly for SQL Server?

    thanks

  • No need, there aren't that many security vulnerabilities in SQL. Security patches mostly follow the CU and SP model.

    Gail Shaw
    Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
    SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability

    We walk in the dark places no others will enter
    We stand on the bridge and no one may pass
  • Hi Gila.

    thanks. Abit confused here.

    MS release CU's (cumulative updates), then there will be a SP (service pack) then more CU's another SP, more CU's etc.

    So i supposed CU and SP consists of security fixes as well as bug fixes?

    If we don't apply CU but only service pack, does this mean we are actually prone to more risk as SP release is not that frequent.

    I notice at times, Micrsoft release security fixes for MSSQL (if any) through monthly Microsoft Security Bulletin. I supposed all that will be included in SP?

    thanks

  • Consider that SQL 2005 went four years before a security flaw was found....

    If there's an urgent security issue it may get released on Windows Update or as a hotfix. You can then decide whether or not to apply it.

    Gail Shaw
    Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
    SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability

    We walk in the dark places no others will enter
    We stand on the bridge and no one may pass

Viewing 6 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic. Login to reply