The Meltdown and Spectre attacks are newly announced ways of hacking CPUs, and they’re causing all kinds of urgent patches this week in operating systems, hypervisors, and apps.
Go get ’em, tiger.
Other improvements & fixes include some really awesome stuff!
- New MAXDOP hint for stats updates
- New spills columns in DMVs to diagnose TempDB spills
- CXPACKET shows up in execution plans
- Plans show the list of stats used during query optimization
- Stats on partitioned tables not automatically updating, which includes a new trace flag 11024
- Memory leak during Hekaton backups
- Deadlocks on parallel queries of clustered columnstore indexes
- Long query compile times if you cast a string to XML
6 Comments. Leave new
Are you saying there are mitigations for Meltdown and Spectre inside the CUs? I’m not seeing anything in the release notes regarding this. Also, my understanding is that this could only be patched at the OS level.
Yeah, read the CU documentation carefully. Microsoft is saying this is also being released as a security patch – which would imply there’s something in here that’s security-related.
(I mean, surely they wouldn’t lie and call something a security patch when it’s not, one would hope.)
Thanks for the infor!!
Do you know if these patches help against the “Meltdown and Spectre” attacks for SQL Server in parallel to the OS patch? Is the OS patch required with the updated SQL patches?
Thanks 🙂
Your best bet there is to read Microsoft’s guidance:
https://support.microsoft.com/en-us/help/4073225/guidance-for-sql-server
I guess they are not going to be releasing a patch for this for SQL 2008/12/14??
(I know I know..)
Your guess there is as good as mine. My guess would be yes, they’ll release it at some point, since it’s a security thing and not a performance thing.