There is a patch available for four elevation of privilege vulnerabilities recently discovered in SQL Server.
This security update resolves four privately disclosed vulnerabilities. The more serious of the vulnerabilities could allow an attacker to run code and to take complete control of an affected system. An authenticated attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.
Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update may require a restart.
Get the update here: