Note: This update is made available through the Microsoft Update Catalog for all servers that are running SQL Server, even if Reporting Services is not installed. Installing this security update is optional for computers that do not host Microsoft SQL Server Reporting Services.

The MANIFEST files (.manifest) and the MUM files (.mum) that are installed for each environment are listed separately in the "Additional file information for Windows 7 and Windows Server 2008 R2" section. MUM and MANIFEST files, and the associated security catalog (.cat) files, are critical to maintaining the state of the updated component.

An attacker who successfully exploited the vulnerability might bypass secure boot and load untrusted software. This security update addresses the vulnerability by adding the signatures of the known vulnerable UEFI modules to the DBX. To learn more about this security vulnerability, see the following advisory:

Symptoms. In a Microsoft Exchange Server 2013 environment, when you restart a Database Availability Group (DAG) node that contains active database copies, the healthy copies on other DAG nodes cannot be enabled. Meanwhile, event ID 4999 for MSExchangeRepl.exe is logged in the Application event log multiple times until the restarted node comes ...

Cause. AutodiscoverV1 isn't in the enumeration of SupportedProtocol. The result is that in the ResourceUrlBuilder.GetResourceUrlSuffixForProtocol method, the wrong enumeration value is computed. When the code uses Enum.TryParse, it doesn't check the return value to see whether the parse is successful.

When you use AlwaysOn Availability Group, Database Mirroring, or Service Broker in Microsoft SQL Server, the encrypted endpoint communication with Transport Layer Security (TLS) protocol version 1.2 fails. Additionally, you receive the following error message in the SQL Server Error log: Connection handshake failed.

Cause. This problem occurs because permission isn't handled correctly when accessing some components. Resolution. To fix this problem, install Cumulative Update 10 for Exchange Server 2016 or a later cumulative update for Exchange Server 2016. Status.

Summary. This update addresses a known issue that affects the Local Security Authority Subsystem Service (LSASS). It might leak memory on domain controllers (DCs). This issue occurs after you install KB5035885 (March 12, 2024).

Symptoms. You cannot connect to a server that is running Microsoft SQL Server 2014 or SQL Server 2012 by using the Transport Layer Security (TLS) protocol version 1.2. Additionally, the following error message is logged in the SQL Server error log: TDSSNIClient initialization failed with error 0x80090331, status code 0x80.

Fixes a problem in which you receive a “Could not load file or assembly 'Microsoft.AnalysisServices.AdomdClientUI” error message when a Process Full operation is run in SQL Server.