Were You Up for Patch Day?
-
Yesterday Microsoft released a number of patches, 5 of them critical flaws. If you didn't get the list, the latest ones are posted at Database Daily as well as TechNet. There are patches for Windows itself, IE, Exchange, and a few office products among the critical updates.
I got the updates yesterday and it was nice to get them all at once. Since I do the patching here at SQLServerCentral.com, having them all come together is better than getting 2 one week, 1 another, etc. and constantly worrying about having to apply these patches to my servers.
Of course, over at Slashdot, there was the usual monthly bashing of Microsoft for having to issue patches.
What I did like to see is that there were lots of people defending Microsoft in saying that all the OSs have patches coming for them and most of the patches issued are for things outside the core OS product. Many times there are issues with add-on software that are being addressed. As someone that sees all the Secunia bulletins, I'd agree. I see tons of patches, mostly aimed at the Linux distributions, but often they are for some small add-on software to the core OS. And often I see the same patch being notified on each distribution. Now there may be slight differences or some porting on some of these patches, but I don't necessarily count them as separate patches. Depending on your marketing slant, you might feel differently.
I do, however, not think that having patches come out every few days is a good thing. I realize that many Linux distributions have a simple update process to get the patches, but that doesn't help with testing. Realistically in a corporate world you'd want to download and install each patch separately, test that it hasn't broken anything, then move on. If you were getting patches every week, then you'd potentially have a full time job patching systems. At least from what I've seen on of security notifications.
But I, and you, better get used to it. As long as we are developing software this quickly, there will be no end to security patches.
So I'm off to do some patch testing and see what's broken and what's not. Anybody have any warnings for W2K3 SP1?
Steve Jones
-
Dear Mr. Jones,
Yes I have one warning for the SP1, may be it is somewhere in the release note or readme but I very seldom read them (I know it's bad).
I have one sql server with W2K3 and SQL2k Sp3a (+ hot fixes). On this server I also have MSDTC installed and configured to allow DT with another sql server.
After having installed SP1 everything was running fine, including MSDTC without any warning or error message but distributed transaction were failing with the usual message: unable to "start" a DT etc...
I checked the DTC settings and nothing was changed (at least apparently) and I still don't know what was wrong because after having played with different settings, I wen't back to the original ones, restarted MSDTC and it worked again
It's not just the restart of the MSDTC because that was one of the first things I tried, including sql and whole server restart. It is more like if the settings were somehow lost and needed to be reapplied.
Now it is working so it's fine but if someone has an explanation it would please me
Best regards
Douglas
p.s. SP1 firewall was unabled all the time
-
You asked today if there were any issues with SP1. I sure had one! I started to upgrade our portal server yesterday, and partway through the backup phase it barked that it couldn't find the "support.icw" file to back up. I checked; I didn't have that file. No big, I thought, since it's the Internet connection Wizard. I hate that thing. I selected "Cancel" and the system asked me if I wanted to continue without backing that file up. I responded yes, didn't need it anyway. It proceeded to ask me about all of the ICW files, I responded the same. The service pack continued, and off I went. However, the upgrade tried to copy the support.ic_ file, and said it couldn't find it. It was right there, I retried several times, but it still said it couldn't find it. I even copied it manually, still no luck. This time when I hit cancel, the entire upgrade tried to roll back. But here's the catch - when it did, it barked at - you guessed it - support.icw. It wanted to restore it. This time it bailed completely. When it rebooted, it went into a bluescreen-reboot loop. Even when I tried the safe command line mode, bluescreen reboot. I tried a rescue disk; no luck. Today I'm restoring from a backup. Buyer Beware.
Buck Woody
MCDBA, MCSE, Novell and Sun Certified -
Just applied W2K3 SP1 and (so far), no issues. It did take several clicks of "Install Now" to get the download to start.
I'm keeping my fingers crossed...
Dan
-
w2k3 SP1 pretty much destroyed my exchange 2k3 testing box... everything was patched to the hilt... before I went with the install... I even read the entire documentation and sub docs looking for anything that might make me look like a tool (a rare thing for me really in practice... not the tool part mind you...) and went over any possible unforeseen human factors. Gave the box a reboot and then found no exchange services ran.. the AD had disappeared... now for the testing I pulled some accounts from a backup of a 2k AD and had the 2k3 domain set to the same settings ... (I didn't want to confuse the poor thing... we know how much MS goes to the trouble to making account management backward compatible....) anyway... I was able to roll it back .. and now it sits in the off position waiting for me to get back to it ... I'm lending to the idea that it probably would have not been an issue were the AD 'native' accounts. The box was run in 'the' native mode.
Viewing 5 posts - 1 through 4 (of 4 total)
You must be logged in to reply to this topic. Login to reply