Hi Steve, a bit off topic, but may I add an update to the Patchday last week - the situation (at least here in Europe) looks unfortunately a bit different 🙁

First of all, MS included some Security Patches for SQL 2K5 and 2K8, in addition to the already mentioned other Windows components that could cause troubles to a SQL instance (like Firewall, Group Policies, .NET, etc.). According to Sec Bulletins 16(!) patches were released!

Second the patches seem to produce some serious problems in some specific environments.

Third (and this the worst of all), the patches are partly not uninstallable, the corresponding "how to remove" entry in the KnowledgeBase goes like "backup all your data, uninstall the whole SQL Server instance, grab your original media and reinstall" - this is in my opinion a fully unserious way to produce security patches!

Short description of my recent findings (I know, very unusual/obsolete combination of components, but this is how often real life looks like):

Small Business customer, I was never able to persuade the client to purchase a dedicated database server, so inspite of my recurring recommendations all tasks are running on just one poor old piece of hardware (domain controller, fileshare, antivirus, backup, print server, Exchange, God knows what else...)

Again typical small business customers - there is no dedicated system administrator available, someone in the company "who knows anyway" just turns around the knobs as this is cheaper than to hire an external professional.

There is (was) an SQL 2000 instance with all patches and SP4 running, migration and upgrade to current versions was omitted to spare the licence costs.

Some additonal SQL2K5 (Express) instances were silently installed by additional software components (backup solution, antivirus, online banking).

Friday night (an optimum on timing!) the patches hit the server and found the SQL2K5 instances (whoever activated automatic updates on a productive server should be roasted slowly on charcoal, but this is an other story).

The result was that saturday morning all SQL instances were found dead on the machine, removal or reinstallation was not possible as the operating system was apparently completely confused. Services were deactivated, communication and firewall policies changed, standard 1433 port reconfigured, backup (also using SQL) failed, restore was not executable.

I might be mistaken, English is not my mother tongue, but I believe, this is the situation that can be best described by the acronym FUBAR in the English language(?)

So I was forced to set up a completely new server over the weekend as a dedicated DB server - but think positive! At least my recommendation for a new server is not in vain any more 😀

Nevertheless, I find the way Microsoft patches, sometimes rather unprofessional - first they put some unfinished and/or vulnerable products on market as the time pressure is too high or the announced release dates are over. Later on, when the vulnerabilities hit the market they react - again under time pressure - with patches that are often not reversible and sometimes produce more problems than you possibly had without. Finally they do not care if someone could possibly use something that is not fresh out of the box - just the way they keep on killing common controls and other components that are still very widely used by many old, pre .NET applications.

Of course I understand, old systems can not be supported forever - but nobody talks here about providing support, just why not leave legacy systems as they are?! If there is anything not clear during a patch installation (like finding a previous/obsolete version) it would be better to cancel the patch instead of forcibly breaking down the whole system.

Cheers, Richard.