How to apply ESU patches to your SQL Server 2012 servers
When running End of Support servers or SQL installs, it’s important to ensure you are receiving security patches for these servers/installs. It's also important to be actively planning to replace them with newer versions.
In this blog post we walk through the process of ensuring you are subscribed to the relevant SQL Server 2012 Extended Security Updates (ESU) via Azure Arc. As well as walking you through the process of finding the latest patches and applying them.
Prerequisites
- Azure Subscription
- Azure Arc installed on your server
- Azure Extension for SQL Server enabled on the server
- Subscribe to Extended Security Updates (ESU) for SQL Server
SQL Server Configuration
To receive patches for your SQL Server 2012 installs you need to subscribe to receive the Extended Security Updates (ESU).
You must ensure that you have configured the “Licence Type” correctly and subscribed to the Extended Security Updates (ESU).
You can check this by following these steps:
Open your Azure Portal
Select the Azure Arc management blade
Click on SQL Server Instances down the left-hand side
Select a SQL server
Under SQL Server configuration you should see the licence type has been configured and the ESU subscription is Enabled
If these settings are not applied, or set you can click on SQL Server configuration to correct this and set the required settings.
Download the Extended Security Updates for SQL Server 2012
Once you have subscribed to the ESU subscription the service will take a few moments to update and provide feedback to you regarding the available patches for your server. Once this update has happened under the “Security” section on the left-hand side menu you will see an option called Extended Security Updates.
If you select this you will be shown a list of updates available for you to download and install on your server.
In this example, I am being shown two patches. They are the same patch, but one is relevant to x64 architecture and one for x86 architecture. You would only need to download and apply the patch relevant to your architecture.
In this scenario, I am running a x64 server so I would use the download link for the x64 patch, which is the top one in the screenshot.
By clicking on the download link I get an .exe file that I can manually install on my server.
Install Extended Security Updates for SQL Server 2012
With the patch, or exe file downloaded you can now install it on your server. To do this double check on the exe.
You will be prompted by a security warning asking if you want to proceed, click on Run.
The file will start to extract and launch the install wizard.
Walk through the install process as directed, and the patch will install successfully.
Check an Extended Security Updates for SQL Server 2012 has been installed
To check if the patch has been installed correctly you can open up SQL Management Studio and connect to your instance.
Open up a New SQL query and type in:
select @@version
When you execute this query it will respond with the SQL version. It should denote the last patch you installed. In this example the patch I installed was KB5021123 and when I executed the query I got the output:
The version has been updated with the patch.
Conclusion
In conclusion, ensuring the security and functionality of your End of Support servers and SQL installs is paramount.
By following the steps outlined in this blog, from subscribing to Extended Security Updates via Azure Arc to downloading and installing the latest patches, you can confidently keep your environment protected and up-to-date.
Stay proactive in managing your server infrastructure to mitigate risks and ensure smooth operations for your organization.