Step 5: Deploy hotfixes

Again, if the system you are patching is critical and highly sensitive, it is generally recommended that you patch it manually at the console by simply executing the hotfix file directly. However, for less critical systems (like developer desktops), you may want to deploy the hotfixes remotely. Luckily, hotfixes released in the past few years come with a nice installer that makes it much easier to perform remote installations.

For example, to quietly install a SQL Server 2000 hotfix locally, you could execute the following command at the command prompt:


sql2000-kb810185-8.00.0878-enu.exe /s /a /q

Using tools like psexec from the free

    Requires Free Membership to View pstools suite, you can perform the same command to a remote machine like this:


Psexec \\remotemachine -c -d sql2000-kb810185-8.00.0878-enu.exe /s /a /q

This will copy the entire hotfix to the remote machine and execute the silent installation on the remote machine without waiting for the process to complete. Using a script, you can deploy hundreds of hotfixes in a matter of minutes, assuming you have the bandwidth and the installations can occur on each machine in parallel.

The complete set of command-line options for the SQL Server hotfix installer are as follows:

Option         Definition
------         ----------
/s             Disable Self Extraction progress dialog
/a             Unattended mode 
/q             Silent mode
/allinstances  Patches all instances of SQL Server
INSTANCENAME   Entered as INSTANCENAME=yourinstancename
BLANKSAPWD     BLANKSAPWD=1 if you have a blank sa password 
SAPWD          SAPWD=yourpw for non-blank sa password


 Home: Introduction
 Step 1: Segregate your scan results
 Step 2: Obtain service packs and prepare for deployment
 Step 3: Deploy service packs
 Step 4: Obtain hotfixes and prepare for deployment
 Step 5: Deploy hotfixes
 Step 6: Re-assess network
 Step 7: Plan next assessment
 Back: How to patch SQL Server, part 1

Chip Andrews, CISSP
Chip Andrews is the director of research and development for Special Ops Security Inc. and the founder of the Web site, which focuses on Microsoft SQL Server security topics and issues. He is also the author of SQL Server Security.
Copyright 2005 TechTarget


There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: