Re: April Security Patches and SQL Server
From: John (jkraeck_at_NOprincetonSPAM.edu)
Date: 04/27/04
- Next message: Sue Hoegemeier: "Re: SQL Backup Error"
- Previous message: henk spaan: "SQLServer error 16958 : Could not complete cursor operation because the set options have changed since the cursor was declared."
- In reply to: Stephen Dybing [MSFT]: "Re: April Security Patches and SQL Server"
- Next in thread: Stephen Dybing [MSFT]: "Re: April Security Patches and SQL Server"
- Reply: Stephen Dybing [MSFT]: "Re: April Security Patches and SQL Server"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 27 Apr 2004 10:32:17 -0400
Stephen,
Well, yesterday, both were not listed in my default reader, Outlook Express,
and searching only brought up the reply. Today, the search found Mark's
response, my followup and your followup. Looking down the list, I do not
find my original post of 4/22. Just reporting what I see.
Are there any known problems with this patch?
We immediately saw unscheduled reboots of our SQL Server (2000sp/3a running
on Win2k Server sp4). Typically these are network related, and I have not
seen anything untoward happening when running perfmon and sql profiler
against the server, but they began almost immediately after the sus push of
these patches to the server.
We also experienced problems with a third party web application trying to
access the database server. This application is running on a Windows
2000/sp4 server running IIS5.0 with SSL. The application reported numerous
connection failures to the database. SQL Profiler did show any failed login
attempts, so I have to assume that it was the applications data tier that
was having the problem; but again, the problem did not exist until the
patches were applied.
Removing the patches resolved the issue, but clearly this is not a situation
I want to maintain for any length of time.
Regards,
John
"Stephen Dybing [MSFT]" <stephd@online.microsoft.com> wrote in message
news:%23aUwOT7KEHA.3052@TK2MSFTNGP12.phx.gbl...
> Nope, Microsoft is not taking editorial license on this or any other post
> that isn't spam, pornography, personal attacks, or something else nasty
like
> that.
>
> I can see both your original post (Message-ID:
> <esSncLKKEHA.2884@TK2MSFTNGP12.phx.gbl>) and Mark's followup (Message-ID:
> <uigrjjQKEHA.3944@tk2msftngp13.phx.gbl>) on msnews.microsoft.com using
> Outlook Express. I can also see them using our web newsreader at:
>
>
http://www.microsoft.com/sql/community/newsgroups/dgbrowser/en-us/default.mspx?query=April+security+patches&dg=microsoft.public.sqlserver.server&cat=&la
ng=en&cr=US&pt=&catlist=6C839803-6334-48D8-A2C3-72A1BEF0053D&dglist=&ptlist=
>
> --
> Sincerely,
> Stephen Dybing
>
> This posting is provided "AS IS" with no warranties, and confers no
rights.
>
> "John" <jkraeck@NOprincetonSPAM.edu> wrote in message
> news:Ow6KCQ5KEHA.240@TK2MSFTNGP10.phx.gbl...
> > Mark,
> >
> > Thanks, for the response. I guess it is time to use up one of our MSDN
> > support calls. This set of patches has significantly reduced the
> > availability of two servers that had been running with no problems for
> > months, and of course, since it includes the RPC/DCOM patch, we cannot
> > remove the patch since this is an exploit that requires no I/O
(inadequate
> > operator) action.
> >
> > Curious though that neither my original post or your response displayed
in
> > the newsgroup. I only found your response, by searching the forum for
the
> > subject line of my post. Is Microsoft taking editorial license?
> >
> > Cheers,
> > John
> >
> > "Mark Allison" <marka@no.tinned.meat.mvps.org> wrote in message
> > news:uigrjjQKEHA.3944@tk2msftngp13.phx.gbl...
> > > I don't know how to solve your issue, but I would recommend you call
> > > Microsoft Product Support Services (MS PSS).
> > >
> > > --
> > > Mark Allison, SQL Server MVP
> > > http://www.markallison.co.uk
> > >
> > >
> > >
> > >
> > > "John" <jkraeck@NOprincetonSPAM.edu> wrote in message
> > > news:esSncLKKEHA.2884@TK2MSFTNGP12.phx.gbl...
> > > > We are running SQL Server 2000/sp3a on a relatively new server sized
> to
> > > meet
> > > > our needs for the foreseeable future. The OS is Win2k/sp4. It has
> been
> > > > running very well since installed; the last reboot was over a month
> ago
> > > and
> > > > that was scheduled for security updates.
> > > >
> > > > On Monday evening, we installed the April security patches:
> > > >
> > > > Microsoft KB837001 MS04-014:Vulnerability in Microsoft Jet Database
> > Engine
> > > > could permit code execution
> > > > Microsoft KB828741 MS04-012: Cumulative Update for Microsoft
RPC/DCOM
> > > > Microsoft KB835732 MS04-011: Security Update for Microsoft Windows
> > > > Microsoft KB837009 MS04-013: Cumulative Security Update for Outlook
> > > Express
> > > > Microsoft KB831167: Wininet retries POST requests with a blank
header.
> > > >
> > > > ...via SUS. The server has been averaging three unscheduled reboots
> per
> > > day
> > > > since. If anyone has any ideas, I would be most grateful. We have
had
> > > little
> > > > luck analyzing the dump file. My guess is that it has something to
do
> > with
> > > > the RPC/DCOM patch, since it is serving data for several third party
> web
> > > and
> > > > windows client applications.
> > > >
> > > > Thanks,
> > > > John
> > > >
> > > >
> > >
> > >
> >
> >
>
>
- Next message: Sue Hoegemeier: "Re: SQL Backup Error"
- Previous message: henk spaan: "SQLServer error 16958 : Could not complete cursor operation because the set options have changed since the cursor was declared."
- In reply to: Stephen Dybing [MSFT]: "Re: April Security Patches and SQL Server"
- Next in thread: Stephen Dybing [MSFT]: "Re: April Security Patches and SQL Server"
- Reply: Stephen Dybing [MSFT]: "Re: April Security Patches and SQL Server"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
