SMT 1.6 mid-year release
by Jiri Dolezalek on 30/06/2022New version of our SQL Monitoring and Performance Tuning tool ready right in the middle of the year
Read moreWe would like to inform you in this form of an important event (about which you may already know yourself). It also applies to the security of your SQL Servers. We think we should have this initiative from our side.
This is a new form of Spectre (branch target injection) and Meltdown (rogue data cache load) attacks that opens the attacker software's ability to interfere with OS isolation and gain access to sensitive encrypted data of other applications in the server's memory. This bug is caused by the bugs found in the processor architecture (Intel) running on (usally) all of your SQL servers. More Info about these attacks can be found here and here. The problem concerns both physical and virtualization hosts.
What to do:
Verify the status of your servers using the PWshell tool.
It is necessary to go to the pages of each vendor of your Hardware and follow their recommendations. This will primarily involve patching the BIOS, OS, and application layer. From the point of view of Microsoft, we already know that it is pushing for new security updates for OS (KB4056892) that need to be implemented, in the SQL Server area and we are expecting the release of new CUs in the near future (so far we have release only for SQL 2016 SP1 and 2017).
Impact on building systems. After deploying fixes, your systems will experience performance in single-threaded operations typically maintained by the server in RAM and by shared IO disk readings (including NvME). So OLTP transaction systems will record a serious 8-20% performance slowdown. It should be remembered that this can not be avoided if you do not want to operate our systems in an unsecured environment. We still recommend to patch servers and secure them from this thread.
More information about the event is also provided by the vendors themselves.
Cisco
CPU Side-Channel Information Disclosure Vulnerabilities
Dell
Microprocessor Side-Channel Attacks (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754): Impact on Dell products (This is for client hardware)
Fujitsu
CPU hardware vulnerable to side-channel attacks (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754)
HPE
Huawei
IBM
Lenovo
Reading Privileged Memory with a Side Channel
Resources (Thanks to Glenn Berry):
https://www.sqlskills.com/blogs/glenn/performance-effects-of-meltdown-and-partial-spectre-fixes-on-intel-core-i7-7500u-laptop/
Michal Tinthofer is the face of the Woodler company which (as he does), is fully committed to complete support of Microsoft SQL Server products to its customers. He often acts as a database architect, performance tuner, administrator, SQL Server monitoring developer (Woodler SMT) and, last but not least, a trainer of people who are developing their skills in this area. His current "Quest" is to help admins and developers to quickly and accurately identify issues related to their work and SQL Server runtime.
New version of our SQL Monitoring and Performance Tuning tool ready right in the middle of the year
Read moreI think there is more simple and harmless way. First we need to understand the process of tempdb collation setting.
Read more