Applies ToSQL Server 2019 SQL Server 2017 on Windows SQL Server 2016 Service Pack 2 SQL Server 2014 SQL Server 2012 Service Pack 4

Symptoms

Data can be sent over a network to an affected Microsoft SQL Server instance that may cause code to run against the SQL Server process if a certain extended event is enabled. See CVE-2021-1636 for detailed information.

Resolution

To fix this issue in the products that are listed in “Applies to,” install the following security update, as appropriate:

Need more help?

Want more options?

Explore subscription benefits, browse training courses, learn how to secure your device, and more.