Join Log in
Score:0
SiBrit avatar Server

"Unknown token received from SQL Server" errors since recent Windows Updates

ae flag
SiBrit

I posted a question to Stack Overflow about this error when it started occurring for our older Delphi 7 applications on Windows 10.

It is now happening on Windows Server 2012 R2 systems that had these recent updates:

  • KB5020690
  • KB5019958
  • KB5020023
  • KB5020010
  • KB5020680

We uninstalled KB5019958, thinking it was the most likely culprit, but that didn't fix the issue. Rolling back all 5 updates did fix it though. We have another server exhibiting the same problem, so we will roll each update back and test until the error is gone, then reinstall all the other updates to ensure it's not a combined affect.

It is certainly a client issue, as the SQL Server 2014 machine does have these updates installed, so our program falls over when run directly on that server, but not when run on the remote app server where the updates have been rolled back which is connecting to that SQL server.

EDIT 21/11

After trial and error, we found that if the update for either KB5020010 or KB5020023 was installed, then the older Delphi 7 programs threw the error.

Interestingly, both these updates

Addresses security vulnerabilities in the Kerberos and Netlogon protocols

No mention on the KB articles about the updates affecting SQL Server connections.

1988
3 + 3
djdomi avatar
za flag
djdomi
Delphi 7 has died on 2008. there was enough time to find a supported solution in the meanwhile. It's similar to newer Kernel as also win11 cutting the old unmaintained environments out. I never see since the 2k's a Delphi application on the most of my support time ever. Not all affected applications will be inserted into the KB text.
0
Reply
cn flag
Greg Askew
Turns out SQL Server is affected by authentication issues. What has your organization done to prepare for and audit the Kerberos changes described in the KB articles and the linked article: https://support.microsoft.com/KB/5020805
1
Reply
SiBrit avatar
ae flag
SiBrit
Interesting. But the Windows Update was applied to the application servers, not the domain controllers, so why would that break it? It's just annoying that the change to the client SQL drivers in the update breaks our applications. They are drivers. It should have no affect.
0
Reply
Score:2
Faunce avatar Server
pa flag
Faunce

Sorry not answer, but not enough rep to comment.

Same issue here. Affected a 2012R2 RDS deployment to a legacy app that uses ODBC's SQL Driver. All this is related to https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-41048 Microsoft ODBC Driver Remote Code Execution Vulnerability. Rollback helped.

+ 1
bjoster avatar
cn flag
bjoster
You need more rep.
0
Reply
Score:0
Shamieg Jardine avatar Server
ar flag
Shamieg Jardine

Thank you, this was an extremely useful post in finding the root cause of the strange database related errors from Maximizer v10 application accessing a SQL database on Windows Server 2012 R2.The application would post several DATAMANAGER error code 19 exceptions. Uninstalling KB5020010 resolved this issue. I think that KB5020023 might need to be uninstalled too.

+ 0
Score:0
Tax Max avatar Server
th flag
Tax Max

We got the same issue. All this is related to https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-41048 Microsoft ODBC Driver Remote Code Execution Vulnerability. Rollback helped.

+ 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.