• Patch Lady – SQL patching in August

    Posted on August 15, 2018 at 15:00 CDT by Comment in the Forums

    For the folks with SQL server and in particular SQL 2014:  I’ve seen this come up a bit in forums and other venues:

    https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8273

    In that post it implies that other versions of SQL besides 2016 and 2017 are vulnerable.

    The way I read it and understand the situation it’s only SQL 2016 and 2017 that are vulnerable.  If you have SQL 2014 SP2 which is supported until 2024 and still in mainstream support – it’s not vulnerable.

    Just because newer stuff is newer doesn’t mean older stuff is vulnerable too.

    The following software versions or editions are affected. Versions or editions that are not listed are either past their support life cycle or are not affected.

    Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

    That second statement is totally not true.  SQL 2014 sp2 is very much supported.

    In fact as you can see from the link below it’s supported until 2024 for security updates (Extended support is the final date of support for security patches)

    https://support.microsoft.com/en-us/lifecycle/search?alpha=Microsoft%20SQL%20Server%202014%20Service%20Pack%202

    And definitely mainstream until 2019 (which means it not only gets security updates but general fixes as well.

    Apologies to the MSRC folks but I rate this on the Pinocchio scale for this portal entry as Not Transparent enough and thusly confusing.

    Windows Patches/Security ,
DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • Knowledge Base
  • How to use the Forums
  • All Forums

    • Recent Topics

    My Profile

    March 2025
    S M T W T F S
     1
    2345678
    9101112131415
    16171819202122
    23242526272829
    3031  

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.