We’ve released hotfix packages for the following drivers to address important security issues:
Microsoft ODBC Driver 17.10.4 for SQL Server (release notes) Microsoft ODBC Driver 18.2.2 for SQL Server (release notes) Microsoft OLE DB Driver 18.6.6 for SQL Server (release notes) Microsoft OLE DB Driver 19.3.1 for SQL Server (release notes)
Related CVEs for these updates are the following:
CVE-2023-29349 – Microsoft ODBC and OLE DB Remote Code Execution Vulnerability CVE-2023-32028 – Microsoft OLE DB Remote Code Execution Vulnerability CVE-2023-32027 – Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability CVE-2023-32026 – Microsoft