Commit dd8f2d9

committed
Test
1 parent d072432 commit dd8f2d9

1 file changed, +1 -1 lines changed

articles/sql-database/sql-database-vulnerability-assessment-rules.md

Lines changed: 1 addition & 1 deletion
@@ -24,7 +24,7 @@ To learn about how to implement Vulnerability Assessment on SQL Databases see [I
2424
|Rule ID |Rule Title |Rule Category |Rule Severity |Rule Description |Platform |
2525
|---------|---------|---------|---------|---------|---------|
2626
| VA1017 |Execute permissions on xp_cmdshell from all users (except dbo) should be revoked |AuthenticationAnd</br>Authorization |High |The xp_cmdshell extended stored procedure spawns a Windows command shell |</nobr>SQL Server 2012+<sup>1</sup> |
27-
| VA1018 |Latest updates should be installed |InstallationUpdatesAnd</br>Patches |High |Microsoft periodically releases Cumulative Updates (CUs) for each version of SQL Server. This rule checks whether the latest CU has been installed for the particular version of SQL Server being used, by passing in a string for execution. This rule checks that all users (except dbo) do not have permission to execute the xp_cmdshell extended stored procedure. |<nobr>SQL Server 2005</nobr></br></br><nobr>SQL Server 2008</nobr></br></br><nobr>SQL Server 2008R2</nobr></br></br>SQL Server 2012</br></br>SQL Server 2014</br></br>SQL Server 2016</br></br>SQL Server 2017</br>|
27+
| VA1018 |Latest updates should be installed |InstallationUpdatesAnd</br>Patches |High |Microsoft periodically releases Cumulative Updates (CUs) for each version of SQL Server. This rule checks whether the latest CU has been installed for the particular version of SQL Server being used, by passing in a string for execution. This rule checks that all users (except dbo) do not have permission to execute the xp_cmdshell extended stored procedure. |<nobr>SQL Server 2005</nobr></br></br></br><nobr>SQL Server 2008</nobr></br></br><nobr>SQL Server 2008R2</nobr></br></br>SQL Server 2012</br></br>SQL Server 2014</br></br>SQL Server 2016</br></br>SQL Server 2017</br>|
2828
|VA1020 |Database user GUEST should not be a member of any role |AuthenticationAnd</br>Authorization |High |The guest user permits access to a database for any logins that are not mapped to a specific database user. This rule checks that no database roles are assigned to the Guest user. |</nobr>SQL Server 2012+ |
2929
|VA1021 |Global temporary stored procedures should be removed |DataProtection |High |A global temporary stored procedure is visible to all sessions and is dropped when the session of the user that created it is closed. This rule checks that there are no global stored procedures. |</nobr>SQL Server 2012+ |
3030
|VA1022 |Ad-hoc distributed queries should be disabled |SurfaceAreaReduction |Medium |Ad-hoc distributed queries use the `OPENROWSET` and `OPENDATASOURCE` functions to connect to remote data sources that use OLE DB. This rule checks that ad-hoc distributed queries are disabled. |</nobr>SQL Server 2012+ |
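
Review bot: On the changed VA1018 row, the Rule Description still ends with "by passing in a string for execution. This rule checks that all users (except dbo) do not have permission to execute the xp_cmdshell extended stored procedure.", which describes the xp_cmdshell permission check of VA1017, not the Cumulative Update check. Since this line is being touched anyway, end the VA1018 description after "for the particular version of SQL Server being used" and move the xp_cmdshell text to the VA1017 row, whose description currently stops at "spawns a Windows command shell". The only change made here is a third `</br>` after `SQL Server 2005</nobr>`, which leaves that entry spaced differently from the other platform entries in the same cell (two breaks each); if the extra break works around a rendering problem, say so in the commit message, which currently reads only "Test". Two smaller markup points in the same rows: `</br>` is written as a closing tag where the line-break element is `<br>`, and the VA1017, VA1020, VA1021 and VA1022 rows carry a `</nobr>` with no opening `<nobr>`.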
