KB5068402: This update resolves an issue in SQL Server Analysis Services

KB5068402 - Description of the security update for SQL Server 2017 CU31: November 11, 2025

Summary
This security update contains fixes and resolves vulnerabilities. To learn more about the vulnerabilities, see the following security advisories:

  • CVE-2025-59499 - Microsoft SQL Server Elevation of Privilege Vulnerability

The Microsoft SQL Server components are updated to the following builds in this security update:

  • SQL Server - product version: 14.0.3515.1, file version: 2017.140.3515.1
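
A build check for the version listed above, as an added example (not Microsoft's code and not part of the original advisory): it compares `ProductVersion` strings from an inventory against 14.0.3515.1. The inventory rows, host names and status labels are constructed for illustration, and the comparison uses only the build number this page gives.

```python
"""Triage SQL Server instances against the build listed for KB5068402."""
import re

# Product version this page lists for SQL Server 2017 after the update.
LISTED_BUILD = (14, 0, 3515, 1)
_VERSION_RE = re.compile(r"[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+")


def parse_version(text):
    """Parse a four-part version string, e.g. the value returned by
    SELECT SERVERPROPERTY('ProductVersion'), into a tuple of ints."""
    text = text.strip()
    if not _VERSION_RE.fullmatch(text):
        raise ValueError(f"not a four-part product version: {text!r}")
    return tuple(int(part) for part in text.split("."))


def classify(version_text):
    """Return one status label (labels are hypothetical, chosen for this example)."""
    try:
        version = parse_version(version_text)
    except ValueError:
        return "UNPARSEABLE"
    # Only versions sharing the listed major.minor (14.0) are compared.
    if version[:2] != LISTED_BUILD[:2]:
        return "OUT_OF_SCOPE"
    # Tuple comparison is numeric per field; comparing the raw strings
    # would wrongly rank "14.0.999.1" above "14.0.3515.1".
    if version < LISTED_BUILD:
        return "BELOW_LISTED_BUILD"
    return "AT_OR_ABOVE_LISTED_BUILD"


def triage(inventory):
    """Map each instance name to its status."""
    return {name: classify(version) for name, version in inventory}


# Constructed sample inventory: (instance name, reported ProductVersion).
SAMPLE_INVENTORY = [
    ("sql-a", "14.0.3515.1"),
    ("sql-b", "14.0.3456.2"),
    ("sql-c", "14.0.999.1"),   # constructed value showing the string-compare trap
    ("sql-d", "15.0.4300.1"),
    ("sql-e", "14.0.3515"),    # truncated value, must not be guessed at
]

if __name__ == "__main__":
    for name, status in triage(SAMPLE_INVENTORY).items():
        print(f"{name}: {status}")
```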

Improvements and fixes included in this update

4653617:
This update resolves an issue in SQL Server Analysis Services where Row-Level Security (RLS) filters could be skipped when combined with Object-Level Security (OLS) and Column-Level Security (CLS) in certain multi-role configurations. This only occurs under rare and contradictory setups (for example, a role granting table-level read permission while restricting all columns, combined with other similar restrictive roles). The fix ensures RLS is consistently applied in all scenarios.

4711201:
This hotfix addresses a SQL injection vulnerability in an internal backup stored procedure that was inadvertently exposed to all users. The hotfix restricts unauthorized access and mitigates the risk by correctly sanitizing input parameters.