MSSQLTips: Tip #49 – SQL Servers Assessment for the Meltdown and Spectre Vulnerabilities

2018 started out with bad news for most IT professionals. A new “speculative execution side-channel attacks” vulnerability affected many modern processors and operating systems. This vulnerability is very complex and requires patching on many layers, including hardware, operating systems and the application layer.

Database Administrators (DBAs) have to be prepared to patch every SQL Server starting with SQL Server version 2008 and the recommended patching procedure is different for different servers depending on SQL Server configuration settings and features used.

How can we determine what servers are affected and what steps should we take to protect SQL Server?

In this tip we will provide a “Meltdown/Spectre SQL Server Assessment Script” that you can run in Central Management Server (CMS) against all of your SQL Servers. This script will produce a report with recommendations/scenarios for patching and display configurations/features that are not secure and enabled on SQL Server.

Then we will provide a couple of remediation steps to review unsecure use cases.

After remediation we will run the Main Assessment Script again and review the final recommendations.

Please read the latest MSSQLTips post: “SQL Servers Assessment for the Meltdown and Spectre Vulnerabilities“.

Check out all of my tips here:

MSSQL Tips: Tip #32 – Resolving SQL Server Master Data Services (MDS) Patching Errors

When you patch a server hosting the MDS Web Application with an SQL Server update and if you have not completed the upgrade sequence users may get this error in the MDS Web Application on client side.

Check out details in the following MSSQL Tip: “Resolving SQL Server Master Data Services (MDS) Patching Errors“.

Check out all of my tips here: