We’ve released hotfix packages for the following drivers to address an important security issue:
Microsoft OLE DB Driver for SQL Server (version 18.7.4 release notes / download) Microsoft OLE DB Driver 19 for SQL Server (version 19.3.5 release notes / download)
The CVE for these OLE DB driver updates is:
CVE-2024-37334 – Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
The issue involves connecting to a malicious server that sends malicious data in order to compromise a client. These driver updates are available via Microsoft Update, standalone download, and