Oct. ’23 security fixes

SQL Server has an update that fixes several vulnerabilities, for all modern versions, from SQL Server 2014 SP3 right on up to SQL Server 2022. (If you're on SQL Server 2012 or worse, sorry, you're out of luck.)

This is technically a GDR, but there are different updates depending on whether you want to stay out of the Cumulative Update (CU) train (which I really don't recommend).

Go get it! (Or just go through Windows Update, as you're probably behind on those, too.) The download links point to Windows; if you're on Linux, see the instructions on the relevant KB article.

Major version	Train	KB Article	New Build #
SQL Server 2022	CU	KB #5029503 \| download	16.0.4080.1
SQL Server 2022	GDR (no CUs)	KB #5029379 \| download	16.0.1105.1
SQL Server 2019	CU	KB #5029378 \| download	15.0.4326.1
SQL Server 2019	GDR (no CUs)	KB #5029377 \| download	15.0.2104.1
SQL Server 2017	CU	KB #5029376 \| download	14.0.3465.1
SQL Server 2017	GDR (no CUs)	KB #5029375 \| download	14.0.2052.1
SQL Server 2016 SP3	CU	KB #5029187 \| download	13.0.7029.3
SQL Server 2016 SP3	GDR (no CUs)	KB #5029186 \| download	13.0.6435.1
SQL Server 2014 SP3	CU	KB #5029185 \| download	12.0.6449.1
SQL Server 2014 SP3	GDR (no CUs)	KB #5029184 \| download	12.0.6179.1

By: Aaron Bertrand

I am a passionate technologist with industry experience dating back to Classic ASP and SQL Server 6.5. I am a long-time Microsoft MVP, write at Simple Talk, SQLPerformance, and MSSQLTips, and have had the honor of speaking at more conferences than I can remember. In non-tech life, I am a husband, a father of two, a huge hockey and football fan, and my pronouns are he/him.

daniel says:

October 12, 2023 at 2:20 PM

hi Aaron
you've linked the KB article for SQL 2016 SP 3 GDR in SQL 2016SP3 instead of KB5029186 – Description of the security update for SQL Server 2016 SP3 GDR: October 10, 2023
- Aaron Bertrand says:
  
  October 12, 2023 at 2:23 PM
  
  I sure did! Bad copy & paste, fixed, sorry about that!