KB4535305 - SQL Server Reporting Services remote code execution vulnerability

Symptoms

A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests. See CVE-2020-0618 for details.

Resolution

To fix this issue in the products that are listed in “Applies to,” install the following security update, as appropriate:

Description of the security update for SQL Server 2016 SP2 CU11: February 11, 2020
Description of the security update for SQL Server 2016 SP2 GDR: February 11, 2020
Description of the security update for SQL Server 2014 SP3 CU4: February 11, 2020
Description of the security update for SQL Server 2014 SP3 GDR: February 11, 2020
Description of the security update for SQL Server 2012 SP4 GDR: February 11, 2020

KB4535305 - SQL Server Reporting Services remote code execution vulnerability

Symptoms

Resolution

Need more help?

Want more options?

Was this information helpful?

Thank you for your feedback!