Oct. '23 security fixes
October 12th, 20232
Oct. '23 security fixes
October 12th, 20232

SQL Server has an update that fixes several vulnerabilities, for all modern versions, from SQL Server 2014 SP3 right on up to SQL Server 2022. (If you're on SQL Server 2012 or worse, sorry, you're out of luck.)

This is technically a GDR, but there are different updates depending on whether you want to stay out of the Cumulative Update (CU) train (which I really don't recommend).

Go get it! (Or just go through Windows Update, as you're probably behind on those, too.) The download links point to Windows; if you're on Linux, see the instructions on the relevant KB article.

Major version Train KB Article New Build #
SQL Server 2022 CU KB #5029503  | download 16.0.4080.1
GDR (no CUs) KB #5029379  | download 16.0.1105.1
SQL Server 2019 CU KB #5029378  | download 15.0.4326.1
GDR (no CUs) KB #5029377  | download 15.0.2104.1
SQL Server 2017 CU KB #5029376  | download 14.0.3465.1
GDR (no CUs) KB #5029375  | download 14.0.2052.1
SQL Server 2016 SP3 CU KB #5029187  | download 13.0.7029.3
GDR (no CUs) KB #5029186  | download 13.0.6435.1
SQL Server 2014 SP3 CU KB #5029185  | download 12.0.6449.1
GDR (no CUs) KB #5029184  | download 12.0.6179.1
By: Aaron Bertrand

I am a passionate technologist with industry experience dating back to Classic ASP and SQL Server 6.5. I am a long-time Microsoft MVP, write at Simple Talk, SQLPerformance, and MSSQLTips, and have had the honor of speaking at more conferences than I can remember. In non-tech life, I am a husband, a father of two, a huge hockey and football fan, and my pronouns are he/him.

2 Responses

  1. daniel says:

    hi Aaron
    you've linked the KB article for SQL 2016 SP 3 GDR in SQL 2016SP3 instead of KB5029186 – Description of the security update for SQL Server 2016 SP3 GDR: October 10, 2023