InformationThe clr enabled option specifies whether user assemblies can be run by SQL Server.
Enabling use of CLR assemblies widens the attack surface of SQL Server and puts it at risk from both inadvertent and malicious assemblies.
SolutionRun the following T-SQL command:
EXECUTE sp_configure 'clr enabled', 0;
If CLR assemblies are in use, applications may need to be rearchitected to eliminate their usage before disabling this setting. Alternatively, some organizations may allow this setting to be enabled 1 for assemblies created with the SAFE permission set, but disallow assemblies created with the riskier UNSAFE and EXTERNAL_ACCESS permission sets. To find user-created assemblies, run the following query in all databases, replacing <database_name> with each database name:
SELECT name AS Assembly_Name, permission_set_desc
WHERE is_user_defined = 1;
By default, this option is disabled.