Introduction to ASP.NET Core Blazor Server
October 31, 2023
Microsoft SQL Server Vulnerability CVE-2021-1636
Last week Microsoft let the world know about a venerability in SQL Server which affects all currently supported versions of SQL Server. While it does require an extended events session to be running–All SQL Servers have a default session and it is not entirely clear if this default system session is included.
We recommend everyone running SQL Server to install the fix/patch as soon as possible. One note for versions 2012, 2014, and 2016–you must be running a minimum service pack to apply the update so you may have two updates to apply.
The official announcement gives official details of the vulnerability and the associated risks.
This update is being made available through Windows update. If you run your windows updates on a regular basis the update should be applied.
We recommend everyone running SQL Server to apply this security patch in a timely manner.
Frequently Asked Questions
Which versions of SQL Server are affected?
All versions of SQL Server are affected.
Will this require an outage?
Yes, your SQL Server will need to restart. Most deployments will take about 15 minutes.
How do I know which version of SQL Server I am running?
In SQL Server Management Studio, you can run the following command:
This will give you the version information you need to know which updates you need to apply.