I have received vulnerability on Microsoft SQL server 2008 (RTM)
[high] [1433/tcp/mssql] TLS Version 1.2 Protocol Not Enabled
TLS v1.2 is not enabled on this port.
Already enabled TLS 1.2 on OS level (Windows Server 2008 R2).
below are the details Product version:
Microsoft SQL server 2008 (RTM) – 10.0.1600.22(x64)
Product level: RTM Product Edition : Express edition(64bit)
Whether I need to go for SQL Server 2008 SP4 10.0.6547.0(First build supports TLS 1.2)
Please let me know how to resolve this issue.
Best Answer
There is this KB article, which lists the required updates you need to install https://support.microsoft.com/en-us/kb/3135244 , which also lists which updates are needed on the client machines trying to connect to a TLS 1.2 enabled SQL Server.
Also, read http://blogs.sqlsentry.com/aaronbertrand/tls-1-2-support-read-first/ , which lists known problems and caveats. It states