Unlock your potential with Microsoft Copilot
Get things done faster and unleash your creativity with the power of AI anywhere you go.
Security Update for SQL Server 2016 SP1 (KB4458842)
This update refreshes Microsoft SQL Server 2016 SP1.
Important! Selecting a language below will dynamically change the complete page content to that language.
Version:
13.0.4224.16
Date Published:
8/22/2018
File Name:
SQLServer2016-KB4458842-x64.exe
File Size:
699.6 MB
Executing a specially crafted query involving calculating difference between values of different date types and aggregation of the results, could lead to stack corruption, if the query runs in batch mode. Depending on particular values processed by such query, this could lead to terminating the SQL Server process, or a possibility of remote code execution. More information about the vulnerability can be found here: SQL Server 2016 SP1
The original update for this security vulnerability, KB4293801 released on August 14, 2018, introduced an issue where the sqlceip.exe process experiences an unhandled exception. For this reason, the update has been replaced. If you have previously applied KB4293801, it is recommended that you install KB4458842 as soon as possible. For other impacted SQL Server releases, please see:
Security Update for SQL Server 2016 SP1 CU(CU10+GDR)*
Security Update for SQL Server 2016 SP1 GDR
Security Update for SQL Server 2016 SP2 CU (CU2+GDR)*
Security Update for SQL Server 2016 SP2 GDR
Security Update for SQL Server 2017 RTM CU (CU9+GDR)*
Security Update for SQL Server 2017 RTM GDR
* These security updates are for SQL Server instances that have applied a Cumulative Update.
For a complete listing of the issues resolved in this update, see the associated Microsoft Knowledge Base article.Supported Operating Systems
Windows 10, Windows 8, Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016
This update is applicable to SQL Server 2016 SP1 instances installed on supported Windows Operating System.- This update refreshes Microsoft SQL Server 2016 SP1 (versions 13.0.4001.0 to 13.0.4223.10) that have not had a Cumulative Update applied.
For Microsoft SQL Server 2016 SP1 instances that have had any Cumulative Update applied (versions 13.0.4411.0(CU1) to 13.0.4514.0(CU10), please see 2016 SP1 CU. After you install this update, you may have to restart your computer.
Follow Microsoft