A security bulletin for SQL Server has been released on 7/14/2015. This applies to SQL Server 2008, 2008 R2, 2012, and 2014 releases. Please see the bulletin and KB links below for details on the fixes and how to download.
Bulletin # | KB | Title | Severity | Impact |
Vulnerabilities in SQL Server Could Allow Remote Code Execution | Important | Remote Code Execution |
You can find the individual KB articles for each release in the table below.
The General Distribution Release (GDR) and Quick Fix Engineering (QFE) designations correspond to the two different update servicing branches in place for SQL Server. The primary difference between the two is that QFE branches cumulatively include all updates while GDR branches include only security updates for a given baseline. A baseline can be the initial RTM release or a Service Pack.
For any given baseline, either the GDR or QFE branch updates are options if you are at the baseline or have installed a previous GDR update for that baseline. The QFE branch is the only option if you have installed a previous QFE for the baseline you are on.
KB # | Title | Apply If Current sqlservr.exe File Version Is… |
MS15-058: Description of the security update for SQL Server 2008 Service Pack 3 GDR: July 14, 2015 | 2007.100.5500.0 or 2007.100.5512.0 | |
MS15-058: Description of the security update for SQL Server 2008 Service Pack 3 QFE: July 14, 2015 | 2007.100.5500.0 - 2007.100.5869.0 | |
MS15-058: Description of the security update for SQL Server 2008 Service Pack 4 GDR: July 14, 2015 | 2007.100.6000.0 | |
MS15-058: Description of the security update for SQL Server 2008 Service Pack 4 QFE: July 14, 2015 | 2007.100.6000.0 - 2007.100.6526.0 | |
MS15-058: Description of the security update for SQL Server 2008 R2 Service Pack 2 GDR: July 14, 2015 | 2009.100.4000.0 or 2009.100.4033.0 | |
MS15-058: Description of the security update for SQL Server 2008 R2 Service Pack 2 QFE: July 14, 2015 | 2009.100.4000.0 - 2009.100.4331.0 | |
MS15-058: Description of the security update for SQL Server 2008 R2 Service Pack 3 GDR: July 14, 2015 | 2009.100.6000.0 | |
MS15-058: Description of the security update for SQL Server 2008 R2 Service Pack 3 QFE: July 14, 2015 | 2009.100.6000.0 - 2009.100.6525.0 | |
MS15-058: Description of the security update for SQL Server 2012 SP1 GDR: July 14, 2015 | 2011.110.3000.0 or 2011.110.3153.0 | |
MS15-058: Description of the security update for SQL Server 2012 SP1 QFE: July 14, 2015 | 2011.110.3000.0 - 2011.110.3492 | |
MS15-058: Description of the security update for SQL Server 2012 Service Pack 2 GDR: July 14, 2015 | 2011.110.5058.0 or 2011.110.5522.0 | |
MS15-058: Description of the security update for SQL Server 2012 Service Pack 2 QFE: July 14, 2015 | 2011.110.5058.0 - 2011.110.5592 | |
MS15-058: Description of the security update for SQL Server 2014 GDR: July 14, 2015 | 2014.120.2000.8 or 2014.120.2254.0 | |
MS15-058: Description of the security update for SQL Server 2014 QFE: July 14, 2015 | 2014.120.2000.8 - 2014.120.2546 | |
MS15-058: Description of the non-security update for SQL Server 2014 Service Pack 1 GDR: July 14, 2015 | 2014.120.4100.1 |