Home Forums SQL Server 2008 SQL Server 2008 Administration MSSQL Vulnerabilities RE: MSSQL Vulnerabilities

  • October 8, 2013 at 4:51 pm

    #1656954

    The classic answer would be: it depends. It's impossible to "clarify". But it's always good to know what vulnerabilities have been detected and fixed...

    Once you know, you'll need to verify if the issue described will apply to your environment (Hardware, Software, Network, Firewall, DMZ ...).

    If so, you'll need to check if the fix won't stop your system (e.g. due to a dedicated software or hardware component, that need to be updated first).

    The rest would be the "standard procedure": install in Dev environment, test, test, and test, have the rollback guideline handy and verified and, finally, roll it out to production.

    At our company the whole process is called "Patch Management". We try to know as much as possible regarding vulnerabilities (not only the fixes, but also the exploits found) but change the production system as infrequent as possible. The gap in between is part of our "Risk Management". 😉


    Lutz
    A pessimist is an optimist with experience.

    How to get fast answers to your question[/url]
    How to post performance related questions[/url]
    Links for Tally Table [/url] , Cross Tabs [/url] and Dynamic Cross Tabs [/url], Delimited Split Function[/url]