Dangerous SQL Server Builds

Dangerous builds of SQL Server

Why should you care about your build version of SQL Server?

There are known bugs and threats in specific build versions of SQL Server.

You may experience data corruption in the clustered indexes and high-security issues.

By the way, this check is a part of our SQL Server Health Check.

The online index rebuild can cause index corruption or data loss when it is used together with concurrent queries that modify many rows in specific builds of Microsoft SQL Server 2012 and Microsoft SQL Server 2014.

How to check it?

You can use the script below to check if you are using a dangerous build of SQL Server:

  1. DECLARE @ProductVersion NVARCHAR(128),@ProductVersionMajor DECIMAL(10,2),@ProductVersionMinor DECIMAL(10,2)
  2.  
  3. SET @ProductVersion = CAST(SERVERPROPERTY('ProductVersion') AS NVARCHAR(128))
  4. SELECT @ProductVersionMajor = SUBSTRING(@ProductVersion, 1,CHARINDEX('.', @ProductVersion) + 1 ),
  5. @ProductVersionMinor = PARSENAME(CONVERT(varchar(32), @ProductVersion), 2);
  6.  
  7. SELECT @ProductVersion As YourSQLBuild,
  8. CASE WHEN (@ProductVersionMajor = 11 AND @ProductVersionMinor >= 3000 AND @ProductVersionMinor <= 3436) OR (@ProductVersionMajor = 11 AND @ProductVersionMinor = 5058) OR (@ProductVersionMajor = 12 AND @ProductVersionMinor >= 2000 AND @ProductVersionMinor <= 2342) THEN 'Build with high risk of security' WHEN (@ProductVersionMajor = 10 AND @ProductVersionMinor >= 5500 AND @ProductVersionMinor <= 5512) OR (@ProductVersionMajor = 10 AND @ProductVersionMinor >=5750 AND @ProductVersionMinor <= 5867) OR (@ProductVersionMajor = 10.5 AND @ProductVersionMinor >= 4000 AND @ProductVersionMinor <= 4017) OR (@ProductVersionMajor = 10.5 AND @ProductVersionMinor >= 4251 AND @ProductVersionMinor <= 4319) OR (@ProductVersionMajor = 11 AND @ProductVersionMinor >= 3000 AND @ProductVersionMinor <= 3129) OR (@ProductVersionMajor = 11 AND @ProductVersionMinor >= 3300 AND @ProductVersionMinor <= 3447) OR (@ProductVersionMajor = 12 AND @ProductVersionMinor >= 2000 AND @ProductVersionMinor <= 2253) OR (@ProductVersionMajor = 12 AND @ProductVersionMinor >= 2300 AND @ProductVersionMinor <= 2370)
  9. THEN 'Build with high risk of corruption'
Figure 1 – Query output (Sample).

How to fix it?

  1. Install the latest service pack (SP) and latest cumulative update (CU) as soon as possible.
  2. If this can’t be done now, at least use MAXDOP=1 in index maintenance jobs (SQL Server Agent).
  3. Keep your SQL Server updated.

Let our expert SQL Server Consulting team handle the technical complexities, so you can focus on driving your business forward with confidence.

More information

Microsoft – Security Bulletin MS14-044.
Microsoft – Data corruption occurs in clustered index when you run online index rebuild in SQL Server 2012 or SQL Server 2014.

Picture of Mark Varnas

Mark Varnas

Hey I'm Mark, one of the guys behind Red9. I make a living performance tuning SQL Servers and making them more stable. I channel my SQL into our SQL Managed Services, SQL Consulting and our internal database products.

Leave a Reply

Your email address will not be published. Required fields are marked *