Risk with Not Patching and Upgrading SQL Server

Working with SQL Server over the past 25 years for various organizations all over the world, I usually always find a database server that is well outside of support. I’d be willing to bet that anyone reading this blog post in 2024 knows of a SQL 2000 or SQL 2005 instance out there. I hear of DBAs that are still working with SQL 2008 and 2012 on a regular basis. Why are all these old versions still persisting out there?

When a new version of SQL Server is released, it is given a “Mainstream Support end year” and an “Extended Support end year” date for when it falls out of support. Prior to SQL Server 2019, it’s been 5 years for Mainstream Support and 5 years for Extended Support. With SQL 2019 and SQL 2022, Mainstream Support is 6 years and Extended another 5. See the chart below for records from SQL Server 2000 through 2022.

As you can see, SQL Server 2014 goes out of Extended Support this year; as a matter of fact, it just went out on July 9th, 2024. At this time SQL 2019 and SQL 2022 are the only versions with Mainstream Support. SQL Server 2022, 2019, 2017, and 2016 have Extended Support still available.

Not Patching

Oftentimes, I find servers that are running RTM versions or are grossly behind on Service Packs or Cumulative Updates. I understand that companies may have a reluctance to make changes; however, updates contain code improvements, security updates, and sometimes new features. I always encourage companies to establish a process for testing updates and getting them into production on a regular basis.
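To see where a given instance stands, here is an added example query (not from the original post) that reports the build, Service Pack and Cumulative Update level, and maps the major version to the support status described above. The column aliases are my own, and the support status is hard-coded from this post's July 2024 statements, so it is an assumption that must be updated as dates pass.

```sql
-- Added example (not from the original post). Runs on SQL Server 2005 and later.
-- Support status is hard-coded from the post's July 2024 statements (assumption).
WITH v AS (
    SELECT
        CONVERT(varchar(32),  SERVERPROPERTY('ProductVersion'))         AS product_version,
        CONVERT(varchar(32),  SERVERPROPERTY('ProductLevel'))           AS product_level, -- RTM or SPn
        CONVERT(varchar(32),  SERVERPROPERTY('ProductUpdateLevel'))     AS update_level,  -- CUn; NULL if none or not reported
        CONVERT(varchar(32),  SERVERPROPERTY('ProductUpdateReference')) AS update_kb,
        CONVERT(varchar(128), SERVERPROPERTY('Edition'))                AS edition
),
p AS (
    SELECT v.*,
           -- ProductVersion is major.minor.build.revision, so PARSENAME can split it
           CONVERT(int, PARSENAME(v.product_version, 4)) AS major_version
    FROM v
)
SELECT
    @@SERVERNAME AS instance_name,
    p.edition, p.product_version, p.product_level, p.update_level, p.update_kb,
    CASE p.major_version
        WHEN 9  THEN 'SQL Server 2005'
        WHEN 10 THEN 'SQL Server 2008 / 2008 R2'
        WHEN 11 THEN 'SQL Server 2012'
        WHEN 12 THEN 'SQL Server 2014'
        WHEN 13 THEN 'SQL Server 2016'
        WHEN 14 THEN 'SQL Server 2017'
        WHEN 15 THEN 'SQL Server 2019'
        WHEN 16 THEN 'SQL Server 2022'
        ELSE 'Unmapped major version'
    END AS release_name,
    CASE
        WHEN p.major_version > 16  THEN 'Newer than the post covers'
        WHEN p.major_version >= 15 THEN 'Mainstream Support'
        WHEN p.major_version >= 13 THEN 'Extended Support only'
        ELSE 'Out of support'
    END AS support_status_july_2024,
    CASE
        -- SQL Server 2017 and later ship no Service Packs, so RTM plus a NULL
        -- update level means no Cumulative Update is reported for the build.
        WHEN p.product_level = 'RTM' AND p.update_level IS NULL
            THEN 'RTM build, no Cumulative Update reported'
        ELSE 'SP/CU present; compare build to the latest release'
    END AS patch_flag
FROM p;
```

Older versions return NULL for the update level and KB columns because those properties do not exist there; those instances are already flagged as out of support by the version check.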

Why this all matters

Regulatory and Compliance

Lots of organizations face strict compliance guidelines around being current and under support for major software products. Anything related to security is also a hot topic with compliance regulations.

Reputational Loss

Customers expect the businesses they work with to be current and up-to-date with technology. Many times, older systems can be more unstable, which can lead to unexpected downtime and further degrade customer trust.

Modernization

Leveraging newer systems typically introduces new technological advantages. For SQL Server, newer versions have brought improvements in the query optimizer, tempdb contention improvements, Contained Availability Groups, and so much more. These improvements can provide better performance, security, and new options for your customers.

Oftentimes when you get to refresh environments, you can obtain infrastructure that is much faster and possibly reduce the number of cores for the workload, thus saving on license cost!

Cloud Opportunities

With the recent releases of SQL Server and the direction that Microsoft is going, it has become much easier to connect to Azure for things like disaster recovery. IaaS and PaaS offerings have become popular with organizations that want to get away from managing infrastructure and leverage built-in options for high availability and disaster recovery.

If you are stuck out there still supporting really old versions of SQL Server, it is past the time to start planning for upgrading those systems. Get your business plans together and present them to the people who need to approve those changes. If they don’t want to approve the upgrades, document the risk to have your protection in place.
