Security Update – MS09-062

Article
11/18/2009

Hello,

Normally, two releases of a SQL security update are released:

GDR (General Distribution Release)
QFE (Quick Fix Engineering)

The GDR release must be applied to all the SQL Server instances that keeps the RTM build or for the cases where only a Service Pack was installed.

The QFE release must be applied for the remaining cases. This means that the QFE version needs to be applied on the cases where a hotfix (generic SQL hotfix or a cumulative update) or a previous security update were installed after the initial installation (RTM) or after a Service Pack installation.

You can find all the information about the MS09-062 security update following this link:

Microsoft Security Bulletin MS09-062 - Critical

https://www.microsoft.com/technet/security/bulletin/MS09-062.mspx

Note:

This security update must be applied also on the cases where you have the Reporting Services role installed on a different machine from where you have the Database Engine role installed:

Reporting Services and the MS09-062 GDR (GDI+)

https://blogs.msdn.com/psssql/archive/2009/10/15/reporting-services-and-the-ms09-062-gdr-gdi.aspx

The same is true for the cases you’ve the Visual Studio 2005/2008 installed to create/update a report or a Integration Services package on a different machine:

GDI+ Updated

https://blogs.msdn.com/brianhartman/archive/2009/10/13/gdi-updated-again.aspx

Cheers,

Security Update – MS09-062

Additional resources