Looking back over 2017, we can see it has been another year highlighting the importance of good cyber security and procedure with the cost of ransomware attacks estimated to cost $5 Billion alone.
One particularly critical issue is the recently discovered Meltdown and Spectre bugs affecting CPUs. These bugs allow malicious attackers to access information directly from memory, including passwords and other private information.
Microsoft has been rolling out updates to patch these bugs however, if your antivirus software is not supported, this update can lead to system crashes and has prevented Microsoft from distributing the required patching automatically to business environments outside of Azure.
Please see the below articles for how to remediate this security issue and any future security patches from Microsoft.
- Important: Windows security updates released January 3, 2018
- Guide to protect SQL Server against speculative execution side-channel vulnerabilities
If you are currently one of our Dedicated Support customers, we will be in contact shortly to assist and rollout the solutions provided above.
SQL Server Updates:
- SQL Server 2017 RTM: Cumulative Update 3 (CU3)
- SQL Server 2016 Service Pack 1: Cumulative Update 7 (CU7)
- SQL Server 2014 Service Pack 2: Cumulative Update 9 (CU9)
Windows Critical Security Updates:
- Critical update release notes can be found under the following Microsoft articles:
Recent Security News Articles:
- 5th January 2018: Meltdown and Spectre: All Macs, iPhones and iPads affected
- 5th January 2018: NCSC Weekly Threat Report 5th January 2018
- 19th December 2017: South Korean cryptocurrency exchange to file for bankruptcy after hacking
- 5th December 2017: Belarus arrests suspected ringleader of global cyber crime network