New MSSQL Server Vulnerability

Microsoft just announced a new vulnerability for their SQL Servers that are exposed to the web (like JodoHost's servers). Below are the affected SQL Servers. Are the SQL Servers here update to date enough (i.e. SP3 for SQL Server 2005)?

Affected Servers said:
Microsoft SQL Server 2000, Microsoft SQL Server 2005, Microsoft SQL Server 2005 Express Edition, Microsoft SQL Server 2000 Desktop Engine, Microsoft SQL Server 2000 Desktop Engine, and Windows Internal Database.

Not Affected said:
Microsoft SQL Server 7.0 Service Pack 4, Microsoft SQL Server 2005 Service Pack 3, and Microsoft SQL Server 2008

Story
 
Er actually need to check this I was thinking SP2, SP3 is brand new.
Looking at the details, it is not directly an issue, but via a signup could be and we will schedule a maintenance to do SP3 by weekend.
 
Have posted maintenance on 2005 servers now, the other servers are fine.

OK I found the actual MS Bulletin and it looks like we've got the hotfix for this one setup, SP3 isn't "required" but having it shouldn't hurt either. The 2000 servers have a similar hotfix done.
 
Back
Top