Not a user yet?
Log in Register for free Suggest a product
Update

KB5083252: Resolves an issue in SQL Server in which improper neutralization of special elements

SQL Server 2022SQL Server 2022
Microsoft

KB5083252 - Description of the security update for SQL Server 2022 CU24: April 14, 2026

Summary
This security update contains fixes and resolves vulnerabilities. To learn more about the vulnerabilities, see the following security advisories:

  • CVE-2026-32167 - SQL Server Elevation of Privilege Vulnerability​​​​​​​
  • CVE-2026-32176 - SQL Server Elevation of Privilege Vulnerability

The Microsoft SQL Server components are updated to the following builds in this security update:

  • SQL Server - product version: 16.0.4250.1, file version: 2022.160.4250.1

Improvements and fixes included in this update
A downloadable Excel workbook that contains a summary list of builds, together with their current support lifecycle, is available. The Excel file also contains detailed fix lists

Bug Reference: 5063812
Description: This fix addresses an elevation of privilege vulnerability in SQL Server linked servers that allows a low-privileged SQL Server user to gain sysadmin permissions.
Fix Area: SQL Server Engine
Component: PolyBase
Platform: Linux, Windows

Bug Reference: 5052462
Description: This fix resolves an issue in SQL Server in which improper neutralization of special elements in SQL commands (SQL injection) allows an authorized attacker to elevate privileges over a network.
Fix Area: SQL Server Engine
Component: SQL Agent
Platform: Windows

More updatesTo the product
Receive Important Update Messages Stay tuned for upcoming Microsoft updates

More from the Apps & Software section

Was the content helpful to you?

Advertisement Advertise here?
Udemy IT certification ad