A survey of SQL Server instances has found that more than half don’t have the most recent service pack installed and that an even larger proportion are running versions of SQL Server that are no longer supported.
The survey was initiated by Paul Randal, CEO of SQLskills.com and reported on his blog. He collected results for 3085 SQL Server instances from several hundred respondents then analyzed the results to worked out what release number and versions the build numbers corresponded to. His shocking revelations are:
51% of all instances in the survey are out of date, by at least not being on the latest SP build, and 53% of all instances in the survey are unsupported.
The statistics, based on 3085 SQL Survey instances are summarized in this table:
Less than 6% of the respondents to the survey are running SQL Server 2102 and even a quarter of these don't have the most recent service pack installed. This raises lots of questions. Randal speculates that there are reasons why companies stay with older unsupported versions of SQL Server, in particular where they are running a third party application that isn’t certified on new versions. However, deciding not to install a service pack leaves the server open to attack from known weaknesses.
It’s interesting, but perhaps unsurprising, that 41 per cent of the instances are still running on SQL Server 2005; the performance leap from 2000 to 2005 was substantial, but the subsequent performance gains with 2008, 2008 R2 and even 2012 aren’t nearly as impressive, and if you’re not using the new features, there will be many administrators and developers thinking along the lines of ‘if it’s not broke, don’t fix it’. However, given the fact that support for 2005 has ended, and support for 2008 and 2008R2 is in the process of ending, this does mean that over 50 per cent of the installations are running without support from Microsoft.
As Paul Randal says, while there are many reasons to still be running an older version of SQL Server, at least be running the most recent Service Pack or Cumulative Update if you’re able to!
Having fixed several bugs in its ads code internally, Facebook is hoping to get whitehat hackers to uncover any more that are lurking. From now until the end of the year it will pay out double for bug [ ... ]