Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The latest security patches should be installed.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-5659 | DG0003-SQLServer9 | SV-24117r2_rule | VIVM-1 | Medium |
| Description |
|---|
| Maintaining the currency of the software version protects the database from known vulnerabilities. |
| STIG | Date |
|---|---|
| Microsoft SQL Server 2005 Instance Security Technical Implementation Guide | 2015-06-16 |
Details
| Check Text ( C-19492r2_chk ) |
|---|
| From the query prompt: SELECT CONVERT(CHAR(13), SERVERPROPERTY('ProductVersion')) Where format is in major.minor.build From the query prompt: SELECT CONVERT(CHAR(3), SERVERPROPERTY('ProductLevel')) Where value: RTM = Original release version (no service packs installed) SPn = Service Pack Level Note: HOTFIXes are generated and applied to specific Service Packs and are reflected in the Product Version build segment as an incremental version. Product Release Service Pack Product Version SQL Server 9 (2005) SP3 9.00.4230 For any product listed above, if the Product Version is the same or numerically higher than what is listed above, this is Not a Finding. If the Product Version is numerically lower, this is a Finding. Note: If any update has been released that is deemed by Microsoft to be a critical update, this check should be assigned a Severity Category of I. Supported versions and Service Packs are listed on the Microsoft web sites: http://support.microsoft.com/gp/lifeselectserv http://support.microsoft.com/kb/321185/en-us (lists version numbers) |
| Fix Text (F-19563r1_fix) |
|---|
| Upgrade to the latest SQL Server Service Pack. Apply all applicable Microsoft SQL Server critical updates and HOTFIXes. |