When all components have been updated on all nodes, the update will no longer be offered. If the SQL Server 2012 SP2/SP3, SQL Server 2014 SP1/SP2, and SQL Server 2016 RTM cluster has a passive node, to reduce downtime, Microsoft recommends that you scan and apply the update to the inactive node first, then scan and apply it to the active node. Updates for SQL Server clusters will require user interaction. The updates will also be offered to SQL Server 2012 SP2/SP3, SQL Server 2014 SP1/SP2, and SQL Server 2016 RTM instances that are clustered. **Will these security updates be offered to SQL Server clusters?** The CU branch is the only option if you have installed a previous SQL Server CU for the baseline you are on. A baseline can be the initial RTM release or a Service Pack.įor any given baseline, either the GDR or CU branch updates are options if you are at the baseline or have only installed a previous GDR update for that baseline. The primary difference between the two is that CU branches cumulatively include *all* updates for a given baseline, while GDR branches include *only* cumulative critical updates for a given baseline. The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different update servicing branches in place for SQL Server. **What are the GDR and CU update designations and how do they differ?** MS16-136: Description of the security update for SQL Server 2016 CU: November 8, 2016įor additional installation instructions, see the Security Update Information subsection for your SQL Server edition in the **Update Information** section. MS16-136: Description of the security update for SQL Server 2016 GDR: November 8, 2016Ĭritical Update for SQL Server 2016 Analysis Services (KB3179258) MS16-136: Description of the security update for SQL Server 2014 Service Pack 2 CU: November 8, 2016 MS16-136: Description of the security update for SQL Server 2014 Service Pack 2 GDR: November 8, 2016 MS16-136: Description of the security update for SQL Server 2014 Service Pack 1 CU: November 8, 2016 Important Update for SQL Server 2014 SP1 (KB3070446) MS16-136: Description of the security update for SQL Server 2014 Service Pack 1 GDR: November 8, 2016 MS16-136: Description of the security update for SQL Server 2012 Service Pack 3 CU: November 8, 2016 MS16-136: Description of the security update for SQL Server 2012 Service Pack 3 GDR: November 8, 2016 MS16-136: Description of the security update for SQL Server 2012 SP2 CU: November 8, 2016 MS16-136: Description of the security update for SQL Server 2012 SP2 GDR: November 8, 2016 This security update also includes servicing releases up through…
Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates. Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported.
The corresponding update is the one you need to install. Second, in the table below, locate your version number or the version range that your version number falls within. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185. How do I know which update to use?įirst, determine your SQL Server version number. There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server.
To determine the support life cycle for your software version or edition, see Microsoft Support Lifecycle. Other versions or editions are either past their support life cycle or are not affected.
The following software has been tested to determine which versions or editions are affected. For more information, see the Affected Software section.įor more information about the vulnerabilities, see the Vulnerability Information section.įor more information about this update, see Microsoft Knowledge Base Article 3199641. This security update is rated Important for supported editions of Microsoft SQL Server 2012 Service Packs 2 and 3, Microsoft SQL Server 2014 Service Packs 1 and 2, and Microsoft SQL Server 2016. The security update addresses these most severe vulnerabilities by correcting how SQL Server handles pointer casting. The most severe vulnerabilities could allow an attacker could to gain elevated privileges that could be used to view, change, or delete data or create new accounts. This security update resolves vulnerabilities in Microsoft SQL Server. In this article Security Update for SQL Server (3199641)