All the headlines and interesting SQL Server information that we've collected over the past week, and sometimes even a few repeats if we think they fit. These headlines are gathered throughout the week and are posted in real time at the website. Check there for information throughout the week or enjoy this weekly summary of the SQL Server world.
Tech News : General Interest
What the HIPAA Final Rule Means for Data Centers and Cloud Providers - Data centers and cloud providers servicing the health care industry should take particular note that the Final Rule of HIPAA (that went into effect in March) clarifies that they are officially considered “business associates” under HIPAA ...(more)
Tech hiring accounts for 10% of U.S. employment gains - Hiring of technology professionals has been on the upswing in the first half of this year, with new IT hires accounting for about 10% of all the job growth in the U.S. in June, according to two independent assessments. ...(more)
Do those bong photos on Facebook really translate to workplace habits? - Privacy is dead. We hear that a lot these days. Vast relational databases keep records of our electronic interactions. Even our snail mail is actively logged. But if privacy is dead, it’s a death partly of our own making. We might not want Target data mining our purchases to tell us we're pregnant, but posting on Twitter or Facebook is an active choice. ...(more)
Tech News : Security
HP admits to undocumented backdoors in two separate storage lines - HP has owned up to undocumented backdoors in members of its StoreOnce D2D Backup and StoreVirtual Storage product lines that can grant malicious hackers root access to the systems' OS. A fix for the HP StoreOnce D2D Backup Systems already exists; the company said it would deliver a patch for the StoreVirtual gear by July 17....(more)
We interrupt this program to warn the Emergency Alert System is hackable - The US Emergency Alert System, which interrupts live TV and radio broadcasts with information about national emergencies in progress, is vulnerable to attacks that allow hackers to remotely disseminate bogus reports ...(more)
Microsoft News : General Interest
Microsoft CEO Finally Reveals Company Reorganization - Microsoft is shifting to a "one" mentality. ...(more)
Teamcenter Running on SQL Server 2012 and Windows Server 2008 R2 Successfully Supports 10,000 Concurrent Users With Excellent Performance - Product lifecycle management (PLM) is an enterprise, business, and information strategy that helps companies develop and deliver world-class products quickly and efficiently. Teamcenter from Siemens PLM Software is the most widely used PLM system in the world, powering innovation and improving productivity by connecting people with the product and ...(more)
Impressive Results: SQL Server 2012 and OpenText Email Monitoring and Records Management - In February 2012, OpenText and Microsoft conducted performance and scalability testing on the email-monitoring and records-management components of the OpenText ECM Suite running on the Microsoft SQL Server 2012 data-management software. The benchmark testing was very successful, with a peak ingestion of 995,000 email messages in ...(more)
Introducing Power BI for Office 365 - Today we are pleased to announce a new offering that builds on our cloud-first data platform -- Power BI for Office 365. Unveiled this morning by Satya Nadella, President of the Server and Tools Business, during his keynote at our annual Worldwide Partner Conference, Power BI for Office 365 is a new self-service business intelligence (BI) solution delivered through Excel and Office 365 which provides information workers with data analysis and visualization capabilities to identify deeper business insights from their on-premises and cloud data. ...(more)
Microsoft slates Windows 8.1 RTM for late August - Microsoft will release Windows 8.1 to computer and tablet makers in late August, a company executive said today. Tami Reller, the CFO of the Windows group, announced the date during the opening keynote address of Microsoft's ...(more)
Microsoft News : Patches, Bugs
Microsoft .Net Framework / Silverlight Multiple Vulnerabilities - Multiple vulnerabilities have been reported in Microsoft .Net Framework and Silverlight, which can be exploited by malicious people to compromise a user's system.
1) An error exists within the GDI+ subsystem.
Microsoft Windows DirectShow GIF Parsing Arbitrary Memory Overwrite Vulnerability - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an unspecified error within DirectShow when parsing GIF files and can be exploited to perform arbitrary memory writes.
Microsoft Products GDI+ TrueType Font Parsing Vulnerability - A vulnerability has been reported in multiple Microsoft products, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an unspecified error within the
GDI+ subsystem when parsing TrueType fonts.
Microsoft Windows Flash Player Multiple Vulnerabilities - Multiple vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.
The vulnerabilities are caused due to the application bundling a vulnerable version of Adobe Flash Player within Internet Explorer 10.
Microsoft Internet Explorer Multiple Vulnerabilities - Multiple vulnerabilities have been reported in Microsoft Internet Explorer, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a vulnerable system.
1) An error when handling the encoding for Shift_JIS auto-selection can be exploited to conduct cross-site scripting attacks.
2) An unspecified error related to handling objects in memory can be exploited to corrupt memory.
Microsoft News : Security
Filling A Gap In the Vulnerability Market – First Bounty Notification - When Microsoft decided to offer not one but three new bounties, paying outside researchers directly for security research on some of our latest products, we put a lot of thought into developing those bounty programs. We developed a customized set of programs designed to create a win-win between the security researcher community and Microsoft’s customers, by focusing on key data about what researchers were doing with vulnerabilities they found in our products. We monitored trends, and made the decision to jump into the vulnerability and exploit market in a specific, deliberate way. ...(more)
Report: Microsoft helped NSA circumvent its own encryption - Microsoft helped the U.S. National Security Agency circumvent the company's own encryption in order to conduct surveillance on email accounts through Outlook.com, according to a new report in the Guardian. ...(more)
'Superman' crystals could store 360TB of data forever - Scientists have discovered that, by using nanostructured glass and five dimensional digital data recording, they may be able to store 360TB of data forever. ...(more)
Blogs : Administration
How to connect to SQL Server when ‘sa’ account is disabled - If you have lost the password for sa account or does not have any administrative account and you are locked out of SQL Server you can still login to SQL Server as an Administrator using Local administrator account. ...(more)
trace flag for backup and restore operation - 1. 3004show the internal backup/restore operation for every step.ex.dbcc traceon(3004,3605,-1)GO3605 means output the message to errorlog. you can use 3604 to direct the output to client, but it doesn't have the time info which ...(more)
SQLCMD –Quick Copy of Files – Using Robocopy - The requirement is to move the data files to different server programatically and hence I’ve decided to use Robocopy in SQLCMD. Robocopy is a command line utility. It has been available as part of the windows resource kit ...(more)
SQL Server Quickie #6 – THREADPOOL Starvation - Today I have uploaded the 6th SQL Server Quickie to YouTube. This time I’m talking about THREADPOOL Starvation in SQL Server. You can find the script used during the demonstration here as a download. Thanks for watching! ...(more)
Blogs : Analysis Services / BI
Create a Named Set with all but one Member in MDX – SSAS - I was trying to create a Named set in SSAS 2008 using the MDX calculations. I wanted to include all of the members of a hierarchy except one of them. I started with trying to use the filter expression and this worked but was very ...(more)
Blogs : Computing in the Cloud
Deleting a Storage Account from Windows Azure – The right way ! - I like to clean up things after I’m done with my testing and this morning I decided to clean up my VM’s, Databases which were created under Windows Azure. Everything went smooth till I tried to delete my storage account. As soon ...(more)
Is there more to using SQL in Azure than redirecting your connection string? - One message that I often hear about using Windows Azure SQL Database (WASD) is that all you need to do is point your application’s connection string to the cloud and all will be good....(more)
A Closer Look at the Premium Offer for Windows Azure SQL Database - As part of the main keynote yesterday at the Worldwide Partner Conference (WPC) in Houston, Texas, Satya Nadella, Server and Tools President, discussed partner and customer innovations around modern business applications built with the Windows Azure platform. As part of this cloud momentum, Satya announced a new Premium offer for Windows Azure SQL Database that delivers more predictable performance. With the limited preview for this new Premium database offer coming in a few weeks, we wanted to take a closer look at the additional value SQL Database will deliver....(more)
Blogs : Deep Into Windows
A more complex discussion of user transactions and memory-optimized tables - In the last blog post, I tried out a simple example to show the difference between the three transaction isolation levels supported by memory-optimized tables. I only used user-transactions in T-SQL, and only showed the behavior of transactions consisting of SELECT statements, when INSERT/UPDATE/DELETE activity was taking place in other ...(more)
Blogs : Events
Classes and conferences this year - I (Paul Randal of SQLskills) have a busy second half of the year planned, with more classes, conferences, and Pluralsight courses coming up! ...(more)
SQL Server Training Classes in Chicago, Philadelphia, San Diego - We’re excited to announce our 2014 training class schedule! We’re coming to Chicago, Philadelphia, and San Diego to teach these two classes: ...(more)
Blogs : High Availability/Disaster Recovery
T-SQL Tuesday #44 How to Take Down Prod in 30 Seconds - Hello Dear Reader! Welcome to my blog on T-SQL Tuesday #44 Second Chances. I’m hosting this month, and we are writing all about second chances. My second chance comes from the not to distant past....(more)
Blogs : Integration Services/ETL
Copy SSIS Packages between SQL Server Instances - SSIS Packages are used quite extensively in our environment so it would be useful to mirror these. I’ve written a little powershell script to get this done. It’s fairly limited, will only copy packages created in the SSIS designer in the root folder, as that’s all I needed. ...(more)
Building Flat File Connectors Dynamically For SSIS - Building Connectors Is Crap in SSIS What else can I say. I finally broke when I had to build a flat file connector with 258 columns that needed to be imported into a staging database. 258 columns… I almost had a stroke. Not only is it ...(more)
Blogs : Performance and Tuning
Observer Overhead and Wait Type Symptoms - Joe Sack (@josephsack) of SQLskills.com shows us that we might not always be able to make an accurate correlation between wait statistics and observer overhead, depending on the method being used to observe a system. ...(more)
SQL Server and Programming Frameworks - I have days where I can’t decide if I’m frustrated or sad about how I see SQL Server being used by applications, or if I’m happy that this keeps us in ongoing work....(more)
Next-Level Parallel Plan Forcing: An Alternative to 8649 - " Even experts with decades of SQL Server experience and detailed internal knowledge will want to be careful with this trace flag. I cannot recommend you use it directly in production unless advised by Microsoft, but you might like to ...(more)
Working Around Missed Optimizations - Paul White (@SQL_Kiwi) continues his discussion about optimization and how recognizing transformations can help you make better decisions about potential query re-writes. ...(more)
Natural Born Killers (The series) – Day 8 Parameter Sniffing - To those that don’t know me “Natural Born Killers (The Series)” sounds like a very strange choice for a SQL Server blog title and to be fair it is. Those who do know me, will know that I have been presenting a session this year titled ...(more)
SQL Server: Part 4 : All About SQL Server Statistics : Auto Update Statistics Threshold - Importance of Manual statistics maintenance - In the last post, we have discussed about the auto create and auto update property of the statistics. Do we really need to do manual statistics maintenance to keep the performance optimal? The answer is yes, depends on your work ...(more)
Blogs : Reporting Services
SSRS export to Excel converts DateTime Column to Text Column - Recently we observed a weird issue with SSRS export to Excel. One of the datetime column in the report was formatted using the FORMAT function as “MM-dd-yyyy HH:mm:ss” (24 hrs format). However when this report was ...(more)
Blogs : Security and Auditing
Security Questions: Removing Logins From Databases - The next question in the list is: If an associate leaves, what is the best way to remove them from not only the logins but also all the databases?
Security Questions: Logins, Credentials, and Proxies - As I mentioned in the introductory post, during the Introduction to SQL Server Security session for Pragmatic Work’s Training on the T’s, I received a large number of questions that there wasn’t time to answer. Instead of just a re-cap ...(more)
Blogs : Software Development
Continuous Integration for SQL Server Part III – Deployment - In this article, I’ll describe the next stage in implementing a full Continuous Integration and Deployment process for SQL Server databases: Deployment. This post follows on directly from my previous post on Continuous Integration ...(more)
Blogs : SQL Server 2012
Columnstore Queries in SQL Server 2012 - On demo, the columnstore index of SQL Server 2012 gives dazzling performance, but it is optimised for data warehouse queries so it is by no means a universal route to high-performance queries. Once you understand the context in which they are best used, and the ways of ensuring that they work as intended, they can be extremely useful....(more)
Blogs : SQL Server 2014
Try out SQL Server 2014 CTP1 on Windows Azure - When SQL Server 2014 CTP 1 was announced last week, I was on it and getting ready to download within a half hour of hearing about it. I quickly ran into a small issue. I didn’t have a machine prepped for the install. ...(more)
In Memory OLTP with SQL Server 2014 - SQL Server 2014 CTP is available for download and evaluation and it contains a couple of exciting performance enhancements. One of these is OLTP databases optimised to be memory resident. So I wanted to have a play ...(more)
Blogs : T-SQL
Difference between != and <>Operator used for NOT EQUAL TO Operation - Here is interesting question received on my Facebook page. (On a side note, today we have crossed over 50,000 fans on SQLAuthority Facebook Fan Page). What is the difference between != and <>Operator in SQL Server as ...(more)
Writing Dynamic SQL - A little while back I wrote Best practice recommendations for writing Dynamic SQL where I made a number of suggestions for good habits when writing dynamic SQL. Along the same lines, this is my methodology for writing ...(more)