• Running a SQL Server? Heads up! You need to install this month’s patches quickly

    Home » Forums » Newsletter and Homepage topics » Running a SQL Server? Heads up! You need to install this month’s patches quickly

    Tags:

    Author
    Topic
    woody
    Manager
    February 18, 2020 at 7:25 am #2152849

    I just saw a notification that the SQL Server security hole known as CVE-2020-0618 has been cracked. Per Kevin Beaumont: Ah bums, there’s an exploit f
    [See the full post at: Running a SQL Server? Heads up! You need to install this month’s patches quickly]

    2 users thanked author for this post.
    Mr. Natural, jabeattyauditor
    Reply | Quote
    Viewing 3 reply threads
    Author
    Replies
    • StoopidMonkey
      AskWoody Plus
      February 18, 2020 at 7:53 am #2152866

      Dang! How are the rest of the February patches looking from a DEFCON standpoint? If I’m rolling out to our business critical servers it’d be convenient to approve the whole set if the green light is coming.

      Reply | Quote
      • woody
        Manager
        February 18, 2020 at 9:59 am #2152931

        Follow @b’s advice below.

        So far the major Feb patch problems are from the one that was yanked (more about that later) and the infernal race condition that causes the Feb Win10 1903/1909 cumulative update to resurface with a temporary profile.

        1 user thanked author for this post.
        StoopidMonkey
        Reply | Quote
    • techweenie
      AskWoody Lounger
      February 18, 2020 at 8:20 am #2152882

      So which patch or set of patches address this issue specifically?  You’ve been posting about all the bugs with this months patches so I don’t want to create more problems than I solve.

      Reply | Quote
    • b
      AskWoody_MVP
      February 18, 2020 at 9:13 am #2152900

      There are five different updates depending on the version number of SQL Server.

      Check the current SQL Server version number in the table: CVE-2020-0618 FAQ

      Then download/install the appropriate update: CVE-2020-0618 Security Updates

      • This reply was modified 5 years, 2 months ago by b.
      2 users thanked author for this post.
      techweenie, woody
      Reply | Quote
    • ChrisAVWood
      AskWoody Plus
      February 18, 2020 at 10:30 am #2152949

      As a SQL DBA this is not good news. For SQL 2012/2014 the fixes could well be the last publicly released builds but SQL 2016 is expecting a Cumulative Update any day soon that should also include this fix.

      1 user thanked author for this post.
      woody
      Reply | Quote
    Viewing 3 reply threads
    Reply To: Running a SQL Server? Heads up! You need to install this month’s patches quickly

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information:




DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • Knowledge Base
  • How to use the Forums
  • All Forums

    • Recent Topics

    My Profile

    April 2025
    S M T W T F S
     12345
    6789101112
    13141516171819
    20212223242526
    27282930  

    Remembering Woody

     

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.