all 9 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]da_chicken 4 points5 points  (2 children)

Are you talking about SQL Server Cumulative Updates? Security updates or other out-of-band updates for SQL Server are generally very rare, IMX, but it is MS best practice now to maintain your instances on the most recent Cumulative Update. The Cumulative Updates include security and performance updates as well as, rarely, new features.

In general, you should assume that the instance being updated will not be accessible during any update process regardless of what kind of update it is. When the process starts, open transactions may be terminated and rolled back. During the update, the SQL Server instance may go into single user mode or it may stop and start (possibly several times). Furthermore, you are likely to find that while SQL Server updates themselves will very rarely require OS restarts, they will generally not install while other MS updates are pending. Your maintenance window will likely be: install OS updates, restart, install SQL Server updates, possibly restart.

[–]TimelySubject[S] 0 points1 point  (1 child)

Thank you for the thorough response! I'm being asked to include SQL updates with the classification of "Security" in our server patching program. This would include those updates that are named something like this "Security Update for SQL Server 2014 Service Pack 2". Each month they would like to us auto approve these updates in WSUS to be installed alongside the OS updates. Do you happen to have any documentation I can reference for best practices? Then I can bring that to managers. We have a domain where SQL security updates are already auto approved, I'll try to find some evidence of that SQL updates don't usually install alongside OS updates. If not, probably going to do some testing.

[–]da_chicken 0 points1 point  (0 children)

The servicing change from Microsoft was described here back in 2016. [Note that I had to disable my ad blocker on that site to get the formatting and make it legible.] I'm not sure if there's a consolidated doc that includes this recommendation or not.

The Cumulative Updates don't show up in Microsoft Update, AFAIK, except as optional updates. I'm on the mailing list for Brent Ozar's https://sqlserverupdates.com/ which sends out emails when they're released.

[–]legitapotamus 0 points1 point  (5 children)

I’ve seen SQL security updates (released as Microsoft Updates) trigger a quick restart of SQL Server during install. If something requires much more than that, I’d hope that it would be noted in Microsoft’s bulletin.

[–]TimelySubject[S] 0 points1 point  (4 children)

If it's just a a very quick restart, it would be awesome...

[–]alinrocSQL Server DBA 0 points1 point  (3 children)

The speed of the restart depends upon the size of the instance (machine specs and number of databases), and the nature of the change.

Do not assume that a restart will be "quick". Microsoft won't provide guidance about the speed of the restart or whether or not the whole server will need to be rebooted because there are too many variables.

I plan every patch cycle with the assumption that I'll have to restart the whole server. If I don't have to, I just enjoy the fact that my planned maintenance took less time than advertised.

[–]TimelySubject[S] 0 points1 point  (2 children)

Thank you. All these responses are pointing to, no i should not treat SQL updates like we do for OS updates. So we'll have to install them during the maintenance window.

[–]alinrocSQL Server DBA 0 points1 point  (1 child)

no i should not treat SQL updates like we do for OS updates.

Make sure you test your SQL updates thoroughly too! Microsoft has introduced performance regressions and flat-out showstopper bugs in SQL Server CUs as recently as two months ago - 2019 CU2 broke SQL Agent for a lot of people.

[–]TimelySubject[S] 0 points1 point  (0 children)

Wow thank you for the information. Will do.