SQL Clone
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 


SQL Server 2014 Meltdown / Spectre Patch - GDR Path


SQL Server 2014 Meltdown / Spectre Patch - GDR Path

Author
Message
ft55
ft55
SSC Eights!
SSC Eights! (854 reputation)SSC Eights! (854 reputation)SSC Eights! (854 reputation)SSC Eights! (854 reputation)SSC Eights! (854 reputation)SSC Eights! (854 reputation)SSC Eights! (854 reputation)SSC Eights! (854 reputation)

Group: General Forum Members
Points: 854 Visits: 247
As part of the mitigation process for the Meltdown and Spectre vulnerability we are looking at applying the released SQL patches.

Currently our installs of SQL Server 2014 are running at SP2 (12.0.5000.0), so would need to apply Security Update for SQL Server 2014 Service Pack 2 GDR (KB4057120 - 12.0.5214.6).

Looking at the security releases for SQL Server 2014 I can see that there are also two GDR security updates that predate the above - KB3194714 , KB4019093. Will the latest GDR Security Update for SQL Server 2014 KB4057120 include the previous GDR Security Updates (KB3194714 , KB4019093) meaning I only need to install the latest GDR update to install all the released security packages. Or will I need to apply each security update separately ?

Many thanks
Francis
TheSQLGuru
TheSQLGuru
SSC Guru
SSC Guru (103K reputation)SSC Guru (103K reputation)SSC Guru (103K reputation)SSC Guru (103K reputation)SSC Guru (103K reputation)SSC Guru (103K reputation)SSC Guru (103K reputation)SSC Guru (103K reputation)

Group: General Forum Members
Points: 103541 Visits: 8966
ft55 - Thursday, February 8, 2018 7:02 AM
As part of the mitigation process for the Meltdown and Spectre vulnerability we are looking at applying the released SQL patches.

Currently our installs of SQL Server 2014 are running at SP2 (12.0.5000.0), so would need to apply Security Update for SQL Server 2014 Service Pack 2 GDR (KB4057120 - 12.0.5214.6).

Looking at the security releases for SQL Server 2014 I can see that there are also two GDR security updates that predate the above - KB3194714 , KB4019093. Will the latest GDR Security Update for SQL Server 2014 KB4057120 include the previous GDR Security Updates (KB3194714 , KB4019093) meaning I only need to install the latest GDR update to install all the released security packages. Or will I need to apply each security update separately ?

Many thanks
Francis

CUMULATIVE updates for SQL Server are just that - cumulative.

But if I were you I would absolutely NOT rely on a forum post to decide what patches to apply to your production SQL Server (or any other) environment. Read the release notes and the file update lists and verify for yourself. Failing that get Microsoft to tell you what to do.

Having said that, I am advising every client to STRONGLY review whether they NEED to put the patches on their production SQL Servers AT ALL AT THIS TIME. They have been proven to be unstable and horribly bad for SQL Server performance. Note that I am not advising you of this because you are not a client. YMMV Cool


Best,
Kevin G. Boles
SQL Server Consultant
SQL MVP 2007-2012
TheSQLGuru on googles mail service
ft55
ft55
SSC Eights!
SSC Eights! (854 reputation)SSC Eights! (854 reputation)SSC Eights! (854 reputation)SSC Eights! (854 reputation)SSC Eights! (854 reputation)SSC Eights! (854 reputation)SSC Eights! (854 reputation)SSC Eights! (854 reputation)

Group: General Forum Members
Points: 854 Visits: 247
I guess that was my question as my post isnt about CU patches it was about GDR patches and if they were cumulative.

I have already engaged with Microsoft but posted on here for advice / discussion as I thought that was the point of a forum..........
BU69
BU69
SSCommitted
SSCommitted (1.9K reputation)SSCommitted (1.9K reputation)SSCommitted (1.9K reputation)SSCommitted (1.9K reputation)SSCommitted (1.9K reputation)SSCommitted (1.9K reputation)SSCommitted (1.9K reputation)SSCommitted (1.9K reputation)

Group: General Forum Members
Points: 1949 Visits: 484
I put the GDR patch on where I had installed only up to a service pack, so where I had SQL 2014 SP2 only I applied the GDR (General Distribition) patch, where I had SP2 with CU7 installed I patched with the CU10 update but only after testing, both patches include the security update you need, so you only need the specific patch for either situation.

https://support.microsoft.com/en-us/help/4073225/guidance-protect-sql-server-against-spectre-meltdown

Funny thing after the patch though, when putting CU10 on and you do Select @@version it reports SP2-CU10-GDR which is most confusing.

I patched all the machines and didn't notice any performance hit, depends which blogs you read as well, some are all doom and gloom and say it will kill everything, some say there have been minimal reports of any performance impact, this all stems from the OS patch stories about performance hits. The only way to be sure is to test the patches before applying them in production.
Go


Permissions

You can't post new topics.
You can't post topic replies.
You can't post new polls.
You can't post replies to polls.
You can't edit your own topics.
You can't delete your own topics.
You can't edit other topics.
You can't delete other topics.
You can't edit your own posts.
You can't edit other posts.
You can't delete your own posts.
You can't delete other posts.
You can't post events.
You can't edit your own events.
You can't edit other events.
You can't delete your own events.
You can't delete other events.
You can't send private messages.
You can't send emails.
You can read topics.
You can't vote in polls.
You can't upload attachments.
You can download attachments.
You can't post HTML code.
You can't edit HTML code.
You can't post IFCode.
You can't post JavaScript.
You can post emoticons.
You can't post or upload images.

Select a forum








































































































































































SQLServerCentral


Search