MSSQLTips: Tip #49 – SQL Servers Assessment for the Meltdown and Spectre Vulnerabilities

2018 started out with bad news for most IT professionals. A new “speculative execution side-channel attacks” vulnerability affected many modern processors and operating systems. This vulnerability is very complex and requires patching on many layers, including hardware, operating systems and the application layer.

Database Administrators (DBAs) have to be prepared to patch every SQL Server starting with SQL Server version 2008 and the recommended patching procedure is different for different servers depending on SQL Server configuration settings and features used.

How can we determine what servers are affected and what steps should we take to protect SQL Server?

In this tip we will provide a “Meltdown/Spectre SQL Server Assessment Script” that you can run in Central Management Server (CMS) against all of your SQL Servers. This script will produce a report with recommendations/scenarios for patching and display configurations/features that are not secure and enabled on SQL Server.

Then we will provide a couple of remediation steps to review unsecure use cases.

After remediation we will run the Main Assessment Script again and review the final recommendations.

Please read the latest MSSQLTips post: “SQL Servers Assessment for the Meltdown and Spectre Vulnerabilities“.

Check out all of my tips here: