Security Updates Available for SQL Server 2008, 2008 R2, 2012, 2014
If you are running 2008 SP3, 2008 R2 SP2, 2012 SP1 (SP2 is not affected, RTM is no longer supported), or 2014, you'll want to check out Security Bulletin MS14-044 for details on a denial of service / privilege escalation issue that has been patched:
For SQL Server 2012 and SQL Server 2014, I've blogged about recent builds and recommendations here:
MOST IMPORTANTLY: Beware that this security update may cause an issue with replication on SQL Server 2012 SP1, as reported by multiple people. If you are on 2012 SP1 and using replication, please don't install this fix until Connect #950118 has been addressed.