Description of the security update for Microsoft OLE DB Driver 18 for SQL Server: April 9, 2024

Summary

This security update contains a fix and resolves vulnerabilities. To learn more about the vulnerabilities, see the following security advisories:

• CVE-2024-28906 - Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
• CVE-2024-28908 - Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
• CVE-2024-28909 - Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
• CVE-2024-28910 - Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
• CVE-2024-28911 - Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
• CVE-2024-28912 - Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
• CVE-2024-28913 - Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
• CVE-2024-28914 - Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
• CVE-2024-28915 - Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
• CVE-2024-28926 - Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
• CVE-2024-28927 - Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
• CVE-2024-28939 - Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
• CVE-2024-28940 - Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
• CVE-2024-28942 - Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
• CVE-2024-28944 - Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
• CVE-2024-28945 - Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
• CVE-2024-29044 - Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
• CVE-2024-29045 - Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
• CVE-2024-29046 - Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
• CVE-2024-29047 - Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
• CVE-2024-29048 - Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
• CVE-2024-29984 - Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
• CVE-2024-29983 - Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
• CVE-2024-29982 - Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
• CVE-2024-29985 - Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
  The Microsoft OLE DB Driver 18 for Microsoft SQL Server components are updated to the following builds in this security update.
• SQL Server - Product version: 18.7.0002.0, file version:2018.187.2.0

How to obtain and install the update

__

Method 1: Windows Update

This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see Windows Update: FAQ.

__

Method 2: Microsoft Update Catalog

To get the standalone package for this update, go to the Microsoft Update Catalog website.

__

Method 3: Microsoft Download Center

The following MSI file (interactive or silent installations) is also available for download from Microsoft:Download the package now