{"id":6703,"date":"2018-08-23T00:30:32","date_gmt":"2018-08-22T22:30:32","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=6703"},"modified":"2019-11-03T06:59:29","modified_gmt":"2019-11-03T05:59:29","slug":"sql-server-2016-sp1-update-kb4458842-08-22-2018","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2018\/08\/23\/sql-server-2016-sp1-update-kb4458842-08-22-2018\/","title":{"rendered":"SQL Server 2016 SP1 Update KB4458842 (08\/22\/2018)"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" title=\"Update\" style=\"border-left-width: 0px; border-right-width: 0px; border-bottom-width: 0px; float: left; margin: 0px 10px 0px 0px; display: inline; border-top-width: 0px\" border=\"0\" alt=\"Windows Update\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2015\/02\/Update.jpg\" width=\"54\" align=\"left\" height=\"54\">[<a href=\"https:\/\/www.borncity.com\/blog\/2018\/08\/23\/sql-server-2016-sp1-update-kb4458842-22-8-2018\/\" target=\"_blank\" rel=\"noopener noreferrer\">German<\/a>]A brief note for admins. Microsoft has released on August 22, 2018 a critical security update KB4458842 for SQL Server 2016 SP1. Here are a few details about that update.<\/p>\n<p><!--more--><\/p>\n<p>A first update revision for SQL Server 2016 SP2 was released on August 21, 2018 (see <a href=\"https:\/\/borncity.com\/win\/2018\/08\/21\/sql-server-2016-sp2-update-revision-kb4458621\/\">SQL Server 2016 SP2: Update-Revision KB4458621<\/a>). I don't know how many installations of SQL Server 2016 are still running with Service Pack 1 (if SP2 is available). However, there is a security update for these machines. @PhantomOfMobile drew my attention to the update via <a href=\"https:\/\/twitter.com\/PhantomofMobile\/status\/1032376946536005635\" target=\"_blank\" rel=\"noopener noreferrer\">Twitter<\/a>.<\/p>\n<blockquote class=\"twitter-tweet\" data-lang=\"de\">\n<p lang=\"en\" dir=\"ltr\">NEW (3)UPDATES for OFFICE &amp; SQL ENTERPRISE <a href=\"https:\/\/twitter.com\/hashtag\/4August?src=hash&amp;ref_src=twsrc%5Etfw\">#4August<\/a> in MS CATALOG <\/p>\n<p>ICYMI: <a href=\"https:\/\/twitter.com\/SBSDiva?ref_src=twsrc%5Etfw\">@SBSDiva<\/a> <a href=\"https:\/\/twitter.com\/woodyleonhard?ref_src=twsrc%5Etfw\">@woodyleonhard<\/a> <a href=\"https:\/\/twitter.com\/AdminKirsty?ref_src=twsrc%5Etfw\">@AdminKirsty<\/a> <a href=\"https:\/\/twitter.com\/thurrott?ref_src=twsrc%5Etfw\">@thurrott<\/a> <a href=\"https:\/\/twitter.com\/maryjofoley?ref_src=twsrc%5Etfw\">@maryjofoley<\/a> <a href=\"https:\/\/twitter.com\/bdsams?ref_src=twsrc%5Etfw\">@bdsams<\/a> <a href=\"https:\/\/twitter.com\/mehedih_?ref_src=twsrc%5Etfw\">@mehedih_<\/a> <a href=\"https:\/\/twitter.com\/ruthm?ref_src=twsrc%5Etfw\">@ruthm<\/a> <a href=\"https:\/\/twitter.com\/etguenni?ref_src=twsrc%5Etfw\">@etguenni<\/a> <a href=\"https:\/\/twitter.com\/SwiftOnSecurity?ref_src=twsrc%5Etfw\">@SwiftOnSecurity<\/a> <a href=\"https:\/\/twitter.com\/pcper?ref_src=twsrc%5Etfw\">@pcper<\/a> <a href=\"https:\/\/twitter.com\/MalwareJake?ref_src=twsrc%5Etfw\">@MalwareJake<\/a> <a href=\"https:\/\/twitter.com\/GossiTheDog?ref_src=twsrc%5Etfw\">@GossiTheDog<\/a> <a href=\"https:\/\/twitter.com\/ryanshrout?ref_src=twsrc%5Etfw\">@ryanshrout<\/a> <a href=\"https:\/\/twitter.com\/JobCacka?ref_src=twsrc%5Etfw\">@JobCacka<\/a> <a href=\"https:\/\/t.co\/ay984DjjWJ\">pic.twitter.com\/ay984DjjWJ<\/a><\/p>\n<p>\u2014 Crysta T. Lacey (@PhantomofMobile) <a href=\"https:\/\/twitter.com\/PhantomofMobile\/status\/1032376946536005635?ref_src=twsrc%5Etfw\">22. August 2018<\/a><\/p><\/blockquote>\n<p><span id=\"preserveea7d48271ec94ea8bb3c3352d6efeb68\" class=\"wlWriterPreserve\"><SCRIPT charset=\"utf-8\" src=\"https:\/\/platform.twitter.com\/widgets.js\" async><\/SCRIPT><\/span> <\/p>\n<h2>Update KB4458842 for SQL Server 2016 SP1<\/h2>\n<p>Update <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4458842\/description-of-the-security-update-for-the-remote-code-execution-vulne\" target=\"_blank\" rel=\"noopener noreferrer\">KB4458842<\/a> is titled <em>Description of the security update for the remote code execution vulnerability in SQL Server 2016 SP1 (GDR): August 22, 2018<\/em>. Microsoft writes about this out-of-band security update:<\/p>\n<blockquote>\n<p>A buffer overflow vulnerability exists in Microsoft SQL Server that could allow remote code execution on an affected system. An attacker who successfully exploits this vulnerability could execute code in the context of the SQL Server Database Engine service account.<\/p>\n<\/blockquote>\n<p>For more information about the vulnerability, see <a href=\"https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\/advisory\/CVE-2018-8273\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2018-8273<\/a>. This update replaces update <a href=\"https:\/\/na01.safelinks.protection.outlook.com\/?url=https%3A%2F%2Fsupport.microsoft.com%2Fen-us%2Fhelp%2F4293801&amp;data=02%7C01%7C%7C71426f0771ac4fab1f8808d606d85cfd%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636703923680581797&amp;sdata=aV8fKkWr9d2tueq6MFev4IR5BvmM4H1J6xpBN3SZa4M%3D&amp;reserved=0\" target=\"_blank\" rel=\"noopener noreferrer\">KB4293801<\/a>, which was released August 14, 2018. If Update KB4293801 has already been installed, Microsoft recommends that you install the new Update KB4458842 as soon as possible. Update KB4293801 does not need to be uninstalled, as it will be replaced by the update KB4458842.<\/p>\n<p>Update <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4458842\/description-of-the-security-update-for-the-remote-code-execution-vulne\" target=\"_blank\" rel=\"noopener noreferrer\">KB4458842<\/a> will be distributed via Windows Update, but is also downloadable from <a href=\"http:\/\/catalog.update.microsoft.com\/v7\/site\/search.aspx?q=4458842\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft Update Catalog<\/a> and Microsoft Download Center. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]A brief note for admins. Microsoft has released on August 22, 2018 a critical security update KB4458842 for SQL Server 2016 SP1. Here are a few details about that update.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[22],"tags":[1589,69,1590,195],"class_list":["post-6703","post","type-post","status-publish","format-standard","hentry","category-update","tag-kb4458842","tag-security","tag-sql-server-2016","tag-update"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/6703","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=6703"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/6703\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=6703"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=6703"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=6703"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}