Security Updates for Microsoft SQL Server ODBC Driver (June 2023)
For Linux and macOS users, updates should be applied via your system's package manager (e.g., apt, yum, or brew).
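To confirm which driver builds a Linux host still has registered before and after the package update, the following added example (not Microsoft's code and not part of the original page) parses odbcinst.ini and flags entries older than a fixed version you supply. It assumes the Linux library naming `libmsodbcsql-MAJOR.MINOR.so.BUILD.REV`; the sample file contents and version numbers are constructed, and the fixed version must come from Microsoft's release notes because this page does not list it.

```shell
#!/bin/sh
# Added example: list Microsoft ODBC driver versions registered in
# odbcinst.ini and flag those older than a caller-supplied fixed version.

# Constructed sample input; paths and versions are illustrative only.
SAMPLE_INI='[ODBC Driver 17 for SQL Server]
Description=Microsoft ODBC Driver 17 for SQL Server
Driver=/opt/microsoft/msodbcsql17/lib64/libmsodbcsql-17.10.so.2.1

[ODBC Driver 18 for SQL Server]
Driver=/opt/microsoft/msodbcsql18/lib64/libmsodbcsql-18.2.so.2.1

[PostgreSQL Unicode]
Driver=/usr/lib/x86_64-linux-gnu/odbc/psqlodbcw.so'

# Read odbcinst.ini on stdin; print one version per msodbcsql entry.
# Assumes the Linux naming libmsodbcsql-MAJOR.MINOR.so.BUILD.REV.
list_msodbcsql_versions() {
  sed -n 's|^Driver[[:space:]]*=.*/libmsodbcsql-\([0-9][0-9]*\)\.\([0-9][0-9]*\)\.so\.\([0-9][0-9]*\)\.\([0-9][0-9]*\)[[:space:]]*$|\1.\2.\3.\4|p'
}

# Succeed when dotted version $1 is numerically lower than $2.
version_lt() {
  a=$1; b=$2
  while [ -n "$a" ] || [ -n "$b" ]; do
    x=${a%%.*}; y=${b%%.*}
    [ "${x:-0}" -lt "${y:-0}" ] && return 0
    [ "${x:-0}" -gt "${y:-0}" ] && return 1
    case $a in *.*) a=${a#*.} ;; *) a= ;; esac
    case $b in *.*) b=${b#*.} ;; *) b= ;; esac
  done
  return 1
}

# Print registered versions in the same major line as $1 that are below it.
outdated_drivers() {
  min=$1
  list_msodbcsql_versions | while read -r v; do
    [ "${v%%.*}" = "${min%%.*}" ] || continue
    if version_lt "$v" "$min"; then echo "$v"; fi
  done
}

# Usage: sh check.sh FIXED_VERSION [odbcinst.ini path]
if [ "$#" -ge 1 ]; then
  outdated_drivers "$1" < "${2:-/etc/odbcinst.ini}"
fi
```

Run it once per driver major line (17 and 18), since each line has its own fixed build.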
These vulnerabilities typically require an attacker to trick a user into connecting to a malicious SQL Server, often through social engineering or a specially crafted file.
Affected Versions and Remediation
: Execute the .msi file and follow the prompts to upgrade your existing installation.
The June 2023 security rollout primarily addressed several high-severity RCE flaws, including:
If you use the drivers in a standalone application or on a web/app server, you should manually download the latest versions from the Official Microsoft Download Center.
If the drivers were installed as part of a SQL Server instance, these updates were included in SQL Server 2022 Cumulative Update 5 (CU5) and SQL Server 2019 Cumulative Update 21 (CU21). Updating your SQL Server instance to these versions will automatically remediate the driver vulnerabilities for that installation.
How to Download and Install