MS15-058 SQL Server Security Bulletin Released

A security bulletin for SQL Server has been released on 7/14/2015. This applies to SQL Server 2008, 2008 R2, 2012, and 2014 releases. Please see the bulletin and KB links below for details on the fixes and how to download.

Bulletin #

KB

Title

Severity

Impact

MS15-058

3065718

Vulnerabilities in SQL Server Could Allow Remote Code Execution

Important

Remote Code Execution

 

You can find the individual KB articles for each release in the table below.

The General Distribution Release (GDR) and Quick Fix Engineering (QFE) designations correspond to the two different update servicing branches in place for SQL Server. The primary difference between the two is that QFE branches cumulatively include all updates while GDR branches include only security updates for a given baseline. A baseline can be the initial RTM release or a Service Pack.

For any given baseline, either the GDR or QFE branch updates are options if you are at the baseline or have installed a previous GDR update for that baseline. The QFE branch is the only option if you have installed a previous QFE for the baseline you are on.

KB #

Title

Apply If Current Product Version Is…

This Security Update also includes servicing releases up through…

3045305

MS15-058: Description of the security update for SQL Server 2008 Service Pack 3 GDR: July 14, 2015

10.00.5500.00 or 10.00.5520.00

2008 SP3 GDR (MS14-044)

3045303

MS15-058: Description of the security update for SQL Server 2008 Service Pack 3 QFE: July 14, 2015

10.00.5500.00 - 10.00.5869.00

2008 SP3 CU17

3045311

MS15-058: Description of the security update for SQL Server 2008 Service Pack 4 GDR: July 14, 2015

10.0.6000.29

2008 SP4

3045308

MS15-058: Description of the security update for SQL Server 2008 Service Pack 4 QFE: July 14, 2015

10.0.6000.29 - 10.0.6526.0

2008 SP4

3045313

MS15-058: Description of the security update for SQL Server 2008 R2 Service Pack 2 GDR: July 14, 2015

10.50.4000.0 or 10.50.4033.0

2008 R2 SP2 GDR (MS14-044)

3045312

MS15-058: Description of the security update for SQL Server 2008 R2 Service Pack 2 QFE: July 14, 2015

10.50.4000.0 - 10.50.4331.0

2008 R2 SP2 CU13

3045316

MS15-058: Description of the security update for SQL Server 2008 R2 Service Pack 3 GDR: July 14, 2015

10.50.6000.34

2008 R2 SP3

3045314

MS15-058: Description of the security update for SQL Server 2008 R2 Service Pack 3 QFE: July 14, 2015

10.50.6000.34 - 10.50.6525.0

2008 R2 SP3

3045318

MS15-058: Description of the security update for SQL Server 2012 SP1 GDR: July 14, 2015

11.0.3000.0 or 11.0.3153.0

2012 SP1 GDR (MS14-044)

3045317

MS15-058: Description of the security update for SQL Server 2012 SP1 QFE: July 14, 2015

11.0.3000.0 - 11.0.3492.0

2012 SP1 CU16

3045321

MS15-058: Description of the security update for SQL Server 2012 Service Pack 2 GDR: July 14, 2015

11.0.5058.0

2012 SP2

3045319

MS15-058: Description of the security update for SQL Server 2012 Service Pack 2 QFE: July 14, 2015

11.0.5058.0 - 11.0.5592.0

2012 SP2 CU6

3045324

MS15-058: Description of the security update for SQL Server 2014 GDR: July 14, 2015

12.0.2000.8 or 12.0.2254.0

2014 RTM GDR (MS14-044)

3045323

MS15-058: Description of the security update for SQL Server 2014 QFE: July 14, 2015

12.0.2000.8 - 12.0.2546.0

2014 RTM CU8

3070446

MS15-058: Description of the non-security update for SQL Server 2014 Service Pack 1 GDR: July 14, 2015

12.0.4100.1

2014 SP1