All the headlines and interesting SQL Server information that we've collected over the past week, and sometimes even a few repeats if we think they fit. These headlines are gathered throughout the week and are posted in real time at the website. Check there for information throughout the week or enjoy this weekly summary of the SQL Server world.
Tech News : General Interest
New TPC benchmark compares virtual workloads - Extending its testing methodologies to the realm of virtualization, the Transaction Processing Performance Council (TPC) has introduced a benchmark that allows organizations to determine the responsiveness of database systems operating in virtual environments....(more)
Rackspace follows Amazon in beefing up its database tools - Following major announcements from Amazon Web Services in recent weeks around data warehousing and management, Rackspace on Thursday announced new capabilities for database hosting and management....(more)
How IT can become a driver of business growth - IT departments excel at boosting efficiency but fall short of driving business growth, according to a new study. Technologies such as cloud computing, mobility, and data analytics can put IT in a position to move beyond traditional support/maintenance expectations and assume a more strategic role in the business. But most tech departments aren't taking advantage of the opportunity, concludes a new study conducted by the Economist Intelligence Unit and sponsored by Juniper Networks....(more)
By 2020, there will be 5,200GB of data for every person on Earth - During the next eight years, the amount of digital data produced will exceed 40 zettabytes, which is the equivalent of 5,200 GB of data for every man, woman and child on Earth, according to an updated Digital Universe study released today. To put it in perspective, 40 zettabytes is 40 trillion gigabytes -- estimated to be 57 times the amount of all the grains of sand on all the beaches on earth. To hit that figure, all data is expected to double every two years through 2020....(more)
Tech News : Security
25-GPU cluster cracks every standard Windows password in <6 hours - password-cracking expert has unveiled a computer cluster that can cycle through as many as 350 billion guesses per second. It's an almost unprecedented speed that can try every possible Windows passcode in the typical enterprise in less than six hours....(more)
Researchers show proof-of-concept Microsoft ERP hack - Security researchers have presented proof-of-concept code capable of accessing the database driving a Microsoft ERP system and then diverting funds while avoiding immediate detection. Tom Eston and Brett Kimmel of vendor SecureState presented the would-be malware last week at the Black Hat Abu Dhabi conference. A white paper on the mock attack, called Project Mayhem, is available on the SecureState website....(more)
MS Tools Pack 2.5.3 is out with bug fixes and improved licensing - Licensing for SSMS Tools Pack 2.5 has been quite a hit and I received some awesome feedback.
The version 2.5.3 contains a few bug fixes and desired licensing improvements.
Changes include more licensing options, prices in Euros because of book keeping reasons (don't you just love those :))
and generally easier purchase and licensing process for users....(more)
Microsoft News : General Interest
Microsoft's new high-performance-computing pack provides clustering in the cloud - Microsoft is making generally available its latest high-performance-computing software that provides support for Windows 8 and Windows Server 2012, among other features....(more)
Microsoft to retire Live Mesh PC-sync service in February 2013 - As of February 2013, Microsoft's Live Mesh PC-sync service will be no more. SkyDrive is its replacement....(more)
Microsoft News : Patches, Bugs
Buggy Microsoft patch causing fonts to disappear - Another Black Tuesday, another weird bug....(more)
Microsoft Windows IP-HTTPS Certificate Revocation Check Bypass Security Issue - A security issue has been reported in Microsoft Windows, which can be exploited by malicious people to bypass certain security restrictions.
The security issue is caused due to the IP-HTTPS component not properly validating the certificates, which can lead to a revoked certificate being considered as valid.
Microsoft Exchange Server Outside In Technology and RSS Feed Parsing Vulnerabilities - Multiple vulnerabilities have been reported in Microsoft Exchange Server, which can be exploited by malicious users to cause a DoS (Denial of Service) and by malicious people to compromise a vulnerable system.
1) Two vulnerabilities exist in the bundled version of Oracle Outside In Technology libraries.
Microsoft Windows Filename Parsing Vulnerability - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error when parsing file or subfolder names and can be exploited to corrupt memory e.g. via a file with a specially crafted filename.
Microsoft Office Word RTF "listoverridecount" Parsing Vulnerability - A vulnerability has been reported in Microsoft Office, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error when parsing Rich Text Format (RTF) data related to the listoverridecount and can be exploited to corrupt memory.
Microsoft Windows DirectPlay Buffer Overflow Vulnerability - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error in the DirectPlay component of the DirectX functionality and can be exploited to cause a heap-based buffer overflow.
Microsoft Windows OpenType and TrueType Font Parsing Vulnerabilities - Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.
1) An error in the OpenType Font (OTF) driver when handling certain objects can be exploited via a specially crafted font file.
2) An error when handling certain TrueType Fonts (TTF) can be exploited via a specially crafted font file.
Microsoft Internet Explorer Three Use-After-Free Vulnerabilities - Three vulnerabilities have been reported in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system.
1) A use-after-free error within the "InjectHTMLStream()" function can be exploited to dereference already freed memory.
2) A use-after-free error within the "CMarkup" class can be exploited to dereference already freed memory.
3) A use-after-free error within "Ref Counting" can be exploited to dereference already freed memory.
Microsoft Fixing 12 Bugs in Year's Last Patch Tuesday - Tuesday will offer up the final round of security bulletins for 2012. December's Patch Tuesday will include seven security bulletins: five critical and two important. The bulletins address 12 vulnerabilities. ...(more)
Samsung Explains The Firmware Bug Causing The Failures of SSD 840/840 Pro - We've been covering the issues surrounding Samsung's SSD 840/840 Pro lately. The issue was first discovered when Anand's pre-production review sample died during testing and we also noted that in our initial review. Samsung quickly sent us another drive but it also failed after a couple of days of testing. My SSD 840 managed over a month but ironically enough, it died right after I had completed endurance testing....(more)
Blogs : Administration
How It Works: SQL Server (NUMA Local, Foreign and Away Memory Blocks) - The NODE an operating system page, physically belongs to can be acquired using the QueryVirtualMemoryEx Windows API. SQL Server uses this API to track locality of memory allocations....(more)
How It Works: SQL Server 32 bit PAE/AWE on (SQL 2005, 2008, and 2008 R2) – Not Using As Much RAM As Expected! - This issue was puzzling until we stepped through the code and studied it in some detail. The report was “SQL Server won’t use the physical memory I expect it to use.”...(more)
What OLEDB providers should you expect to show up under the Providers node in SSMS? - The short answer is: Those returned by master.dbo.xp_enum_oledb_providers....(more)
sp_Blitz v14 Adds VLFs, DBCC, Failsafe Operators, and More - For the last couple of versions, I haven’t added any big features because I’d been focused on the plan cache improvements. Today, though, we’ve got a big one with all kinds of health-checking improvements – and they’re all thanks to your contributions....(more)
Blogs : Analysis Services / BI
Up-to-date list of VBA Functions in MDX - Some of you may be aware that a few VBA functions have been implemented as native MDX functions to improve performance. I blogged about this a few years ago, but I’ve now received an up-to-date list of all the VBA functions that that this has happened for as of SSAS 2012 SP1 from those nice people on the SSAS dev team:...(more)
Blogs : Career
Your Job Outlook Is Cloudy And That’s A Good Thing - I don’t care where you work, or what industry you work in, if you are in IT then your department is subservient to the business side.
Don’t believe me? You should. IT departments are outsourced to companies like IBM all the time. Ever hear stories about how people have worked for two or three companies and never left their cubicle? Many times they are part of IT and are providing a service to the business, a service that can (and often does) go to the lowest bidder.
Blogs : Computing in the Cloud
I Could Sure Use Some Windows Azure Code Samples… - There are multiple ways to learn, and one of the most effective is with examples. You have multiple options with Windows Azure, including the Software Development Kit, the Windows Azure Training Kit and now another one…. the Microsoft All-In-One Code Framework,, a free, centralized code sample library driven by developers' real-world pains and needs. The goal is to provide customer-driven code samples for all Microsoft development technologies, and Windows Azure is included....(more)
Blogs : Events
Practical SQL Server Performance Troubleshooting Day - Due to the huge demand of SQL Server Troubleshooting Know How and Techniques I'm running on January 29 (Vienna/Austria) and January 31 (Zurich/Switzerland) my 1 day workshop called "Practical SQL Server Performance Troubleshooting Day" (see http://www.SQLpassion.at/events.html for further information). ...(more)
Blogs : Integration Services/ETL
Whither Hadoop? - “Where can you use Hadoop?” isn’t an easy question to answer. An enterprising or creative person could probably figure out ways to replace the entire database infrastructure with various components of Hadoop. I’m sure it’s being done right now and I’m sure that someone is being incredibly successful with it....(more)
Solution to VSTA editor error in SSIS 2012 - The script task in SSIS 2012 is a great tool when you need to use C# or VB code to perform a function that is not possible with the other SSIS built-in tasks. It uses Visual Studio Tools for Applications (VSTA). One of the limitations when using the script task is if there is a problem with the code, when you try to execute the task you get a generic error message:...(more)
Copying Connection Managers in SSIS - Did you know you can copy and paste connection managers in SSIS? While I haven’t found this a huge benefit with OLE DB connections it can come in very handy for flat file connections. Here is an example I ran across recently....(more)
SSIS: Character Replacement Using the Script Component - When cleansing data from source systems to store in a data mart or warehouse, we often need to remove or replace characters. I recently used the Script Component in SSIS to cleanse some ticket tracking data and thought I’d write a blog post that outlines the implementation....(more)
Blogs : Reporting Services
Debugging Parameter Dependencies in Reporting Services - Creating a report with two datasets that reference the same pair of parameters, I’m seeing the following error:
The Value expression for the query parameter ‘DatesYear’ contains an error: The expression references the parameter ‘DatesYear’, which does not exist in the Parameters collection. Letters in the names of parameters must use the correct case. (rsRuntimeErrorInExpression)
Blogs : Service Broker / SOA
On the Second Day… - My DBA gave to me some lost messages. After fixing the issue with the maintenance plan log tables you still notice that you have a large msdb database. Through further investigation you can see that the cause is related to the sysxmitqueue table as displayed in the attached image....(more)
Blogs : Software Development
Editing sqlcmdvariable nodes in SSDT Publish Profile files using msbuild - Publish profile files are a new feature of SSDT database projects that enable you to package up all environment-specific properties into a single file for use at publish time; I have written about them before at Publish Profile Files in SQL Server Data Tools (SSDT) and if it wasn’t obvious from that blog post, I’m a big fan!...(more)
Blogs : T-SQL
TSQL Tuesday #37 – Joins and Implicit Conversions - Here we are at TSQL Tuesday #37 – the start of the fourth year. Sebastian Meine (@sqlity / blog) is hosting this month’s T-SQL Tuesday blogging party, and he wants us to “write about topics like the good and the bad patterns of joining you have seen out there”. (Sebastian is also running a blog series on A Join A Day.)...(more)
T-SQL Tuesday Topics – December 2012 Update - I was looking for a static list of all the T-SQL Tuesday topics and couldn’t find one. The domain moves around to the current hosting blog, so when it was my turn to host it, I made a list just so I could reference what was out there. After a few more months, I decided to update my list with the latest topics. That will give me the chance to plan for my own future hosting of the party if Adam will have me again....(more)
MERGE Bug with Filtered Indexes - A MERGE statement can fail, and incorrectly report a unique key violation when:...(more)
Blogs : Virtualization
Evaluate This–an Introduction to Hyper-V - Hopefully you will have read the introduction to our Evaluate This series and are now ready to start to have a look at how stuff works in Windows Server 2102. The obvious place to start is Hyper-V as in subsequent videos in the series well need a number of virtual machine, and not everyone knows how to do this in Hyper-V. For example some of you might be new to Hyper-V because you are a DBA, A Vmware expert, for example so hopefully this video will help.....(more)