KB5084815: Resolves an issue in which a specially crafted SQL query triggers a fatal access violation
KB5084815 - Description of the security update for SQL Server 2022 GDR: April 14, 2026
Summary
This security update contains fixes and resolves vulnerabilities. To learn more about the vulnerabilities, see the following security advisories:
- CVE-2026-32167 - SQL Server Elevation of Privilege Vulnerability
- CVE-2026-32176 - SQL Server Elevation of Privilege Vulnerability
- CVE-2026-33120 - Microsoft SQL Server Remote Code Execution Vulnerability
The Microsoft SQL Server components are updated to the following builds in this security update:
SQL Server - product version: 16.0.1175.1, file version: 2022.160.1175.1
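To check a server inventory against the build listed above, the following added example (not Microsoft's code) classifies ProductVersion strings relative to 16.0.1175.1. It assumes that SQL Server 2022 builds of 16.0.4000 and above belong to the cumulative update (CU) servicing branch, which this GDR update does not cover; that threshold, the host names and the sample inventory are assumptions not taken from this page.

```python
# Added example: triage inventoried SQL Server version strings against KB5084815.
FIXED = (16, 0, 1175, 1)     # product version listed on this page for the GDR update
CU_BRANCH_MIN_BUILD = 4000   # assumption: SQL Server 2022 CU-branch builds are 16.0.4xxx


def parse_version(text):
    """Return a 4-int tuple for 'major.minor.build.revision', or None if malformed."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isdecimal() for p in parts):
        return None
    return tuple(int(p) for p in parts)


def classify(version_text):
    """Classify one ProductVersion string relative to the GDR build in this KB."""
    v = parse_version(version_text)
    if v is None:
        return "unparseable"         # do not guess; re-collect the version
    if v[:2] != FIXED[:2]:
        return "not-applicable"      # not SQL Server 2022 (16.0)
    if v[2] >= CU_BRANCH_MIN_BUILD:
        return "cu-branch"           # needs a CU-branch security update, not this GDR KB
    return "patched" if v >= FIXED else "missing-update"


def triage(inventory):
    """Map host -> status for a {host: version} inventory."""
    return {host: classify(ver) for host, ver in inventory.items()}


# Constructed sample inventory (host names and versions are illustrative only).
SAMPLE = {
    "sql-a": "16.0.1175.1",
    "sql-b": "16.0.1000.6",
    "sql-c": "16.0.4003.1",
    "sql-d": "15.0.2000.5",
    "sql-e": "16.0.1175",
}

if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE).items()):
        print(f"{host}: {status}")
```

Hosts reported as `cu-branch` or `unparseable` need a separate check, because a plain numeric comparison would wrongly count any CU-branch build as newer than 16.0.1175.1.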
Improvements and fixes included in this update
A downloadable Microsoft Excel workbook that contains a summary list of builds, together with their current support lifecycle, is available. The Excel file also contains detailed fix lists.
Bug Reference: 5029960
Description: This fix addresses an elevation of privilege vulnerability in SQL Server linked servers that allows a low-privileged SQL Server user to gain sysadmin permissions.
Fix Area: SQL Server Engine
Component: PolyBase
Platform: Linux, Windows
Bug Reference: 5040272
Description: This fix resolves an issue in which a specially crafted SQL query triggers a fatal access violation that causes SQL Server to stop responding. An unprivileged user, including a user who has read-only permissions, can exploit this issue to cause a denial-of-service (DoS) attack.
Fix Area: SQL Server Engine
Component: Programmability
Platform: Linux, Windows
Bug Reference: 4999188
Description: This fix resolves an issue in SQL Server in which improper neutralization of special elements in SQL commands (SQL injection) allows an authorized attacker to elevate privileges over a network.
Fix Area: SQL Server Engine
Component: SQL Agent
Platform: Windows

