SQL Server Security Patches RRS feed

  • Question


    I have a requirement for Payment Card Industry (PCI) to patch all my instances of SQL Server (both 2000 and 2005) for vulnerabilities. 


    1.) How do I determine what patches have been applied to my SQL Server Instances?

    2.) Where can I go to get patches for SQL Server (2000 and 2005)?




    Friday, August 29, 2008 5:33 PM


  • SQL Server patches are cumulative (last patch contains all previous patches made since the last Service Pack). Patches change the version number, so you can just check that number to see whether you have the last build available: select @@version. The documentation for the last patch includes a list of all fixes included. For example, this is the page for the last SQL Server 2005 patch (as of today): http://support.microsoft.com/kb/951217.


    A Service Pack contains all fixes made up to that point in time. Unless you're looking for a fix to an issue that affects you, you don't need to worry about installing the latest patch - you can just wait for the next Service Pack.


    For SQL Server 2005 go here: http://support.microsoft.com/ph/2855

    For SQL Server 2000 go here: http://support.microsoft.com/ph/2852


    In general, you can go at http://support.microsoft.com/ and then type the product name in the Select a Product prompt.


    Hope this helps


    Friday, August 29, 2008 8:56 PM

All replies