Checking Your SQL Server Instance for Spectre/Meltdown Patches

If you are running SQL Server 2008 through SQL Server 2017, you should be thinking about what you should be doing to protect your systems from the Meltdown and Spectre vulnerabilities. Microsoft has a number of KB articles that address this issue from several different perspectives. This is a good starting list: SQL Server Guidance […]

Checking Your Intel Processor Features Regarding the Meltdown Exploit

By now, you have probably heard plenty about the Spectre and Meltdown exploits that affect many modern processors. The Meltdown exploit (CVE-2017-5754) in particular only affects Intel processors. Microsoft has already patched most of their client and server operating systems to mitigate against Meltdown. Depending on the exact model of Intel processor you are using, […]

SQL Server Diagnostic Information Queries for January 2018

This month, there are more minor updates to the all of the versions of the queries, primarily in the comments and documentation. There are also links for the Spectre/Meltdown hotfixes for SQL Server 2008 SP4 and SQL Server 2008 R2 SP3. I often make additional minor updates to the queries periodically during the month, so […]

Performance Effects of Meltdown and Partial Spectre Fixes on Intel Core i7-7500U Laptop

I have a fairly recent vintage HP Spectre x360-13w023dx laptop (slightly over a year old) that has an Intel Core i7-7500U (Kaby Lake-U) processor, 16GB of DDR4 RAM, and a 512GB Samsung PM961 M.2 NVMe SSD that is running Windows 10 Professional Version 1709. Last night, I installed the Windows 10 January 2018 Security Update […]

SQL Server 2017 CU3 Released on January 4, 2018

On January 4, 2018, Microsoft released SQL Server 2017 CU3, which is Build 14.0.3015.40. By my count, this CU has sixteen public hotfixes, many of which are for the SQL Engine or SQL performance. There are also some new manageability and programmability features that have been added, such as support for the MAXDOP option for […]

Checking Your Meltdown and Spectre Mitigation Status in Windows

As I have previously discussed, there has been an explosion of information and speculation about the Spectre and Meltdown vulnerabilities. Here is the official information about all three vulnerabilities. Spectre CVE-2017-5753 (Bounds Check Bypass) CVE-2017-5715 (Branch Target Injection) Meltdown CVE-2017-5754 (Rogue Data Cache Load) Checking Your Meltdown and Spectre Mitigation Status in Windows Microsoft has […]

Microsoft SQL Server Updates for Meltdown and Spectre Exploits

Over the last couple of days, you have probably heard quite a bit of chatter and speculation about some newly disclosed ways to attack various processors. The initial reports were that only Intel processors were affected, but some sources indicate that some AMD and ARM processors are also vulnerable. Security researchers at Graz University (who […]