Solved

patch sql servers

Posted on 2006-07-10
2
543 Views
Last Modified: 2008-03-06
what is the best way to patch sql servers with MS updates?
0
Comment
Question by:Aopoku
2 Comments
 
LVL 142

Expert Comment

by:Guy Hengel [angelIII / a3]
ID: 17077257
test it first on test server(s).

0) get a downtime time slot
1) just before the slot, run a full BACKUP of all databases AND of the system
2) apply the updates
3) restart if necessary
4) get another full backup of all databases
0
 
LVL 4

Accepted Solution

by:
csachdeva earned 250 total points
ID: 17079141
The patch mostly fixes buffer overrun problems that allow a hacker to exploit SQL Server and gain full control of our server. If proper security is implemented, then the problems listed in this cumulative patch can be lessened. There is also an additional bug that allows a user with minimal access to the server to create scheduled jobs that would run under the authority of the account that starts SQL Server Agent. This could lead to a disruption in your SQL Server service or allow a hacker access to your operating system or overall network.
Before implementing Patch, follow the following steps:

 Step 1: Map your network
 Step 2: Perform an active scan
 Step 3: Check for SQL registrations
 Step 4: Probe remote services
 Step 5: Probe for SSNetlib.dll versions
 Step 6: Directly request version information

First, sort your list of SQL Server instances by SQL Server product release (SQL Server 6.5, 7.0, 2000, etc.), then by service pack, and finally by build. Identify which instances do not have the latest service pack for the current product, and calculate how long it will take to install the service packs on each instance (you can estimate this by performing at least one installation manually). Then, assuming you will apply all of the service packs, calculate the number of hotfixes that will need ...

Step 1: Segregate your scan results

First, sort your list of SQL Server instances by SQL Server product release (SQL Server 6.5, 7.0, 2000, etc.), then by service pack, and finally by build. Identify which instances do not have the latest service pack for the current product, and calculate how long it will take to install the service packs on each instance (you can estimate this by performing at least one installation manually). Then, assuming you will apply all of the service packs, calculate the number of hotfixes that will need to be deployed to reach an acceptable patch level and how long these will take. You should end up with information like this, which will help you plan the downtime:

Service Pack installations:

Product Service Pack Upgrade Path Count Est. Install TIme
SQL Server 6.5 4 to 5a 2 2 hrs.
SQL Server 7.0 2 to 4 3 3 hrs.
SQL Server 2000 Gold to 3a 23 13 hrs.
SQL Server 2000 2 to 3a 34 18 hrs.

Hot-fix installations:

Product Build Count Est. Install TIme
SQL Server 6.5 6.50.480 2 10 min.
SQL Server 7.0 7.00.1077 3 20 min.
SQL Server 2000 8.00.878 23 3 hrs.

(This is only a suggestion. The point is to obtain some estimated metrics so you can properly set expectations for resources needed. Much of this will depend on whether your deployments are manual or automated.)

Step 2: Obtain service packs and prepare for deployment
 
First, download the service pack from Microsoft's Web site by searching for "service pack" and selecting "SQL Server" as the product. You should be able to easily locate the service pack needed for your SQL Server product version, download it and store it on a file server if you want to prevent having to burn it to a CD.

Before you proceed with deployment, you should back up all user databases as well as the master, msdb, and model databases on each SQL Server instance. In addition, you'll need to inform personnel who depend on those systems about the downtime window since it can be quite large for service packs.

Step 3: Deploy service packs
 
Next, determine if you're going to perform each installation interactively or perform the installations remotely. Service packs are a major undertaking and can take a significant amount of time depending on the size and processing power of your SQL Server hardware. For large, mission-critical SQL Server instances, it is usually best to perform them manually and interactively (by sitting at the console or using Terminal Services) so you can watch for any irregularities and respond to them.

For less critical systems, you may wish to perform the service pack installations remotely and in bulk using the unattended installation files. However, the instructions for doing this are very complicated and require significant planning. If you decide to do that, please refer to the documentation that comes with the service pack for instructions on performing unattended, remote installations.

Step 4: Obtain hotfixes and prepare for deployment
 
Now that you've deployed the service packs, you need to download the latest hotfix for your SQL Server products. Refer to the database of SQL Server versions Web site to see the latest hotfix that is available for your supported SQL Server product.
You can also search for hotfixes by visiting http://www.microsoft.com/downloads, searching for "hotfix" and selecting "SQL Server" as the product. Once the results are returned, change the sort order to "Date" to see the latest recommended, publicly available hotfix at the top of the list.

 Step 5: Deploy hotfixes

 Step 6: Re-assess network

hope the above steps can help you to sort out your query.

Regards,
Chetan Sachdeva
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Join & Write a Comment

Entering a date in Microsoft Access can be tricky. A typo can cause month and day to be shuffled, entering the day only causes an error, as does entering, say, day 31 in June. This article shows how an inputmask supported by code can help the user a…
Never store passwords in plain text or just their hash: it seems a no-brainier, but there are still plenty of people doing that. I present the why and how on this subject, offering my own real life solution that you can implement right away, bringin…
Video by: Steve
Using examples as well as descriptions, step through each of the common simple join types, explaining differences in syntax, differences in expected outputs and showing how the queries run along with the actual outputs based upon a simple set of dem…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now