HiveBrain v1.2.0
Get Started
← Back to all entries
patternMinor

Are there any outstanding critical security issues for Sql Server 2000?

Submitted by: @import:stackexchange-dba··
0
Viewed 0 times
2000criticalareissuesanysqloutstandingsecurityforserver

Problem

Are there any outstanding (unpatched) security issues for Sql Server 2000?

This isn't really for me: I moved on from Sql Server 2000 long ago. However, when answering questions here and (more likely) on Stack Overflow, I'm in the habit of leaving a comment like the one at this question whenever coming across a Sql Server 2000 question. If you don't want to follow the link, it goes something like this:


Sql Server 2000 is end of life. It no longer gets any patches... not even critical security patches. It's irresponsible to continue using it. Convincing management to upgrade is job #1.

Aide from it being, well, Sql Server 2000, how much an issue is this really? In the year-plus since Sql Server 2000 went EOL, has anything big come up I could point to as a more concrete issue?

I'd look at official documentation, but as this is effectively abandonware I haven't found anything published directly by MS.

Solution

Are there any outstanding critical security issues for Sql Server 2000?

Yes, there are no patches available for newly discovered issues like meltdown/spectre

Microsoft only releases security patches for SQL versions that are still supported. Also notice that if you are running a supported SQL version with an unsupported service pack, you MUST upgrade to a supported service pack to have an available security patch.

  • 4057122 Description of the security update for SQL Server 2017 GDR: January 3, 2018



  • 4058562 Description of the security update for SQL Server 2017 RTM CU3: January 3, 2018



  • 4058561 Description of the security update for SQL Server 2016 SP1 CU7: January 3, 2018



  • 4057118 Description of the security update for SQL Server 2016 GDR SP1: January 3, 2018



  • 4058559 Description of the security update for SQL Server 2016 CU: January 6, 2018



  • 4058560 Description of the security update for SQL Server 2016 GDR: January 6, 2018



  • 4057117 Description of the security update for SQL Server 2014 SP2 CU10: January 16, 2018



  • 4057120 Description of the security update for SQL Server 2014 SP2 GDR: January 16, 2018



  • 4057116 Description of the security update for SQL Server 2012 SP4 GDR: January 12, 2018



  • 4057115 Description of the security update for SQL Server 2012 SP3 GDR: January, 2018



  • 4057121 Description of the security update for SQL Server 2012 SP3 CU: January, 2018



  • 4057114 Description of the security update for SQL Server 2008 SP4 GDR: January 6, 2018



  • 4057113 Description of the security update for SQL Server 2008 R2 SP3 GDR: January 6, 2018



Protect SQL Server from attacks on Spectre and Meltdown side-channel vulnerabilities

Context

StackExchange Database Administrators Q#87189, answer score: 3

Revisions (0)

No revisions yet.