November 9, 2015 at 8:15 am
We have around 15 Production SQL Servers, On which SQL 2005,2008 and 2014 installed.
recently i observed No Security updates installed for windows since 1-2 years.
is any issue for SQL server if windows security updates are not up to date ?
(Service Pack's are up to date for SQL Server instances)
November 9, 2015 at 8:55 am
I recommend you start applying them after some testing.
November 9, 2015 at 9:26 am
I'd look at it this way:
If SQL is the items store in a warehouse, you're keeping the processes to access that up-to-date. BUT the warehouse itself (Windows) is secured with a padlock with known vulnerabilities.
Basically, you should develop a plan to get the OS patched and up-to-date, as someone could, if they gain access to the OS, get copies of your DBs.
Best suggestion, if you have a QA environment, apply updates there first, then the updates to the updates, and so on. If everything goes well, then you move on to production (and plan on many reboots, if you're missing 2+ years of updates, there's going to be a lot of reboots.)
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply