Microsoft ODBC Driver 17.10.4 for SQL Server ( download).The vulnerabilities require a potential attacker to direct a connection to a malicious server, so if your scenario allows that, you should update.įor Windows installations, you can directly download the packages: If you have deployed the drivers as part of a standalone application, you may want to consider updating them. If you use the drivers in the context of either of those installs, those updates will update the drivers for you. These driver updates are included in SQL Server 2019 CU21 and SQL Server 2022 CU5. CVE-2023-29356 - Microsoft ODBC Driver for SQL Server Remote Code Execution VulnerabilityĪll the issues involve a malicious server sending malicious data in order to compromise a client.CVE-2023-32025 - Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability.CVE-2023-32026 - Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability.CVE-2023-32027 - Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability.CVE-2023-32028 - Microsoft OLE DB Remote Code Execution Vulnerability.CVE-2023-29349 - Microsoft ODBC and OLE DB Remote Code Execution Vulnerability. Related CVEs for these updates are the following: Microsoft OLE DB Driver 19.3.1 for SQL Server ( release notes) ( download).Microsoft OLE DB Driver 18.6.6 for SQL Server ( release notes) ( download).Microsoft ODBC Driver 18.2.2 for SQL Server ( release notes) ( download).Microsoft ODBC Driver 17.10.4 for SQL Server ( release notes) ( download).We've released hotfix packages for the following drivers to address important security issues:
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |