A buffer overflow vulnerability exists in the Microsoft SQL Server that could allow remote code execution on an affected system. An attacker who successfully exploits this vulnerability could execute code in the context of the SQL Server Database Engine service account.
To learn more about the vulnerability, go to CVE-2018-8273.
The original update KB 4293807 for this security vulnerability was released on August 14, 2018. It exposed certain testing trace flags that were not intended for public release. These trace flags are usually off by default. Therefore, the update has been replaced. If you have previously applied the original update KB 4293807, we recommend that you install KB 4458621 as soon as possible.