Last updated: June 14th, 2022
End-of-Life : SQL Server 2014 reached end of mainstream support on July 9th, 2019.
| Service Pack 3 – Out of Support | ||||
| Label | Build # | KB Article | Date | Fixes (public) |
|---|---|---|---|---|
| CVE-2022-29143 | 12.0.6439.10 | KB #5014164 | 2022-06-14 | 1 |
From the CVE: "An authenticated attacker could exploit the vulnerability by executing a specially crafted query using $ partition against a table with a Column Store index." |
||||
| Security Update (CVE-2021-1636) |
12.0.6433.1 | KB #4583462 | 2021-01-12 | 1 |
This security update addresses an escalation of privilege vulnerability described in CVE-2021-1636. It is also being pushed via Windows Update, so you may get this sooner than you expect it. |
||||
| Security Update (CVE-2020-0618) |
12.0.6372.1 | KB #4535288 | 2020-02-11 | 1 |
| Fixes a remote code execution vulnerability in Reporting Services. | ||||
| SP3 Cumulative Update #4 | 12.0.6329.1 | KB #4500181 | 2019-07-29 | 25 (19) |
| Security Update (CVE-2019-1068) |
12.0.6293.0 | KB #4505422 | 2019-07-09 | 1 |
| SP3 Cumulative Update #3 | 12.0.6259.0 | KB #4491539 | 2019-04-16 | 4 (4) |
| SP3 Cumulative Update #2 | 12.0.6214.1 | KB #4482960 | 2019-02-19 | 5 (5) |
| SP3 Cumulative Update #1 | 12.0.6205.1 | KB #4470220 | 2018-12-12 | 16 (13) |
| SP3 GDR builds below – for non-CU path | ||||
| CVE-2022-29143 | 12.0.6169.19 | KB #5014165 | 2022-06-14 | 1 |
From the CVE: "An authenticated attacker could exploit the vulnerability by executing a specially crafted query using $ partition against a table with a Column Store index." |
||||
| GDR Security Update (CVE-2021-1636) |
12.0.6164.21 | KB #4583463 | 2021-01-12 | 1 |
This security update addresses an escalation of privilege vulnerability described in CVE-2021-1636. It is also being pushed via Windows Update, so you may get this sooner than you expect it. |
||||
| GDR Security Update (CVE-2020-0618) |
12.0.6118.4 | KB #4532095 | 2020-02-11 | 1 |
| Fixes a remote code execution vulnerability in Reporting Services. | ||||
| GDR Security Update (CVE-2019-1068) |
12.0.6108.1 | KB #4505218 | 2019-07-09 | 1 |
| Service Pack 3 | 12.0.6024.0 | KB #4022619 | 2018-10-30 | 31 (31) |
| Service Pack 2 – Out of Support | ||||
| Build Name | Build # | KB Article | Date | Fixes (public) |
| SP2 Cumulative Update #18 | 12.0.5687.1 | KB #4500180 | 2019-07-29 | 7 (4) |
| Security Update (CVE-2019-1068) |
12.0.5659.1 | KB #4505419 | 2019-07-09 | 1 |
| SP2 Cumulative Update #17 | 12.0.5632.1 | KB #4491540 | 2019-04-16 | 3 (3) |
| SP2 Cumulative Update #16 | 12.0.5626.1 | KB #4482967 | 2019-02-19 | 3 (3) |
| SP2 Cumulative Update #15 | 12.0.5605.1 | KB #4469137 | 2018-12-12 | 8 (7) |
| SP2 Cumulative Update #14 | 12.0.5600.1 | KB #4459860 | 2018-10-15 | 8 (6) |
| SP2 Cumulative Update #13 | 12.0.5590.1 | KB #4456287 | 2018-08-28 | 4 (4) |
| SP2 Cumulative Update #12 | 12.0.5589.7 | KB #4130489 | 2018-06-18 | 27 (16) |
| SP2 Cumulative Update #11 | 12.0.5579.0 | KB #4077063 | 2018-03-19 | 12 (10) |
| SP2 Cumulative Update #10 Security Advisory ADV180002 |
12.0.5571.0 | KB #4057117 KB #4052725 |
2018-01-16 | 5 (4) |
| SP2 Cumulative Update #9 | 12.0.5563 | KB #4055557 | 2017-12-18 | 8 (7) |
| SP2 Cumulative Update #8 | 12.0.5557 | KB #4037356 | 2017-10-17 | 15 (8) |
| SP2 Cumulative Update #7 | 12.0.5556 | KB #4032541 | 2017-08-28 | 15 (8) |
| SP2 Cumulative Update #6 | 12.0.5553 | KB #4019094 | 2017-08-08 | 29 (29) |
| SP2 Cumulative Update #5 | 12.0.5546 | KB #4013098 | 2017-04-17 | 24 (21) |
| SP2 Cumulative Update #4 | 12.0.5540 | KB #4010394 | 2017-02-21 | 30 (27) |
| SP2 Cumulative Update #3 | 12.0.5538 | KB #3204388 | 2016-12-28 | 44 (39) |
| Security Bulletin MS16-136 (CU) |
12.0.5532 | KB #3194718 | 2016-11-08 | 1 |
| SP2 Cumulative Update #2 | 12.0.5522 | KB #3188778 | 2016-10-18 | 18 (18) |
| SP2 Cumulative Update #1 | 12.0.5511 | KB #3178925 | 2016-08-24 | 45 (36) |
| SP2 GDR builds below – for non-CU path | ||||
| GDR Security Update (CVE-2019-1068) |
12.0.5223.6 | KB #4505217 | 2019-07-09 | 1 |
| Security Advisory ADV180002 (GDR) | 12.0.5214 | KB #4057120 | 2018-01-16 | 1 |
| CVE-2017-8516 GDR Security Update |
12.0.5207 | KB #4019093 | 2017-08-08 | 1 |
| Security Bulletin MS16-136 (GDR) |
12.0.5203 | KB #3194714 | 2016-11-08 | 1 |
| Service Pack 2 | 12.0.5000 | KB #3171021 | 2016-07-11 | 133 (53) |
| Service Pack 1 – Out of Support | ||||
| Label | Build # | KB Article | Date | Fixes (public) |
| SP1 Cumulative Update #13 | 12.0.4522 | KB #4019099 | 2017-08-08 | 11 (11) |
| SP1 Cumulative Update #12 | 12.0.4511 | KB #4017793 | 2017-04-17 | 12 (11) |
| SP1 Cumulative Update #11 | 12.0.4502 | KB #4010392 | 2017-02-21 | 15 (15) |
| SP1 Cumulative Update #10 | 12.0.4491 | KB #3204399 | 2016-12-28 | 33 (27) |
| Security Bulletin MS16-136 (CU) KB #3194722 |
12.0.4487 | KB #3194722 | 2016-11-08 | 1 |
| SP1 Cumulative Update #9 | 12.0.4474 | KB #3186964 | 2016-10-18 | 14 (14) |
| SP1 Cumulative Update #8 | 12.0.4468 | KB #3174038 | 2016-08-16 | 38 (38) |
| COD Hotfix 3174370 | 12.0.4463 | KB #3174370 | 2016-08-04 | 1 |
| This critical on-demand hotfix fixes a memory leak issue for customers running SQL Server 2014 and Azure Storage. | ||||
| SP1 Cumulative Update #7 | 12.0.4459 | KB #3162659 | 2016-06-20 | 35 (33) |
| SP1 Cumulative Update #6 (Refresh) |
12.0.4457 | KB #3167392 | 2016-05-31 | 44 (43) |
| This Cumulative Update has 44 fixes, most importantly a fix for corruption after dropping columns and a fix for the NOLOCK regression introduced in the original CU6 release (see KB #3167394 for more details). | ||||
| COD Hotfix 3147825 | 12.0.4452 | KB #3147825 | 2016-04-05 | 1 |
| This critical on-demand (COD) hotfix addressed an issue with distributed transactions in availability groups. The fix was replaced by a subsequent CU. | ||||
| SP1 Cumulative Update #6 | 12.0.4449 | KB #3144524 | 2016-04-18 | |
| SP1 Cumulative Update #5 | 12.0.4439 | KB #3130926 | 2016-02-22 | 20 (20) |
| COD Hotfix 3130999 | 12.0.4437 | KB #3130999 | 2016-02-05 | 2 (2) |
| SP1 Cumulative Update #4 | 12.0.4436 | KB #3106660 | 2015-12-22 | 34 (34) |
| COD Hotfix 3119148 | 12.0.4433 | KB #3119148 | 2015-12-09 | 1 |
| COD Hotfix 3097972 | 12.0.4432 | KB #3097972 | 2015-11-19 | 3 (3) |
| SP1 Cumulative Update #3 | 12.0.4427 | KB #3094221 | 2015-10-19 | 40 (36) |
| SP1 Cumulative Update #2 | 12.0.4422 | KB #3075950 | 2015-08-17 | 51 (46) |
| COD Hotfix 3078973 | 12.0.4419 | KB #3078973 | 2015-07-24 | 13 (13) |
| SP1 Cumulative Update #1 | 12.0.4416 | KB #3067839 | 2015-06-22 | 141 (121) |
| SP1 GDR builds below – for non-CU path | ||||
| CVE-2017-8516 GDR Security Update |
12.0.4237 | KB #4019091 | 2017-08-08 | 1 |
| Security Bulletin MS16-136 (GDR) KB #3194720 |
12.0.4232 | KB #3194720 | 2016-11-08 | 1 |
| SP1 GDR TLS 1.2 Update | 12.0.4219 | KB #3098852 | 2016-01-29 | 2 (2) |
| Includes TLS 1.2 support (see KB #3135244 and the Release Services blog for more details). | ||||
| COD Hotfix 3070446 | 12.0.4213 | KB #3067257 | 2015-05-15 | 1 |
| This GDR update addresses an issue described in KB #3067257: a wrong results bug with Columnstore indexes. | ||||
| Service Pack 1 | 12.0.4100 | KB #3058865 | 2015-05-15 | 29 (29) |
| Service Pack 1 (initial) | 12.0.4050 | This release was pulled from distribution shortly after release. | ||
| RTM – Out of Support | ||||
| Label | Build # | KB Article | Date | Fixes (public) |
| RTM Cumulative Update #14 | 12.0.2569 | KB #3158271 | 2016-06-20 | 21 (20) |
| RTM Cumulative Update #13 | 12.0.2568 | KB #3144517 | 2016-04-18 | 30 (30) |
| RTM Cumulative Update #12 | 12.0.2564 | KB #3130923 | 2016-02-22 | 7 (7) |
| RTM Cumulative Update #11 | 12.0.2560 | KB #3106659 | 2015-12-22 | 19 (19) |
| RTM Cumulative Update #10 | 12.0.2556 | KB #3094220 | 2015-10-19 | 33 (30) |
| RTM Cumulative Update #9 | 12.0.2553 | KB #3075949 | 2015-08-17 | 31 (30) |
| Security Bulletin MS15-058 | 12.0.2548 | KB #3045323 | 2015-07-13 | 1 |
| This QFE update patches a vulnerability which could allow remote code execution. More details in KB #3065718. | ||||
| RTM Cumulative Update #8 | 12.0.2546 | KB #3067836 | 2015-06-22 | 40 (38) |
| COD Hotfix for Azure Premium Storage Support | 12.0.2506 | KB #3063054 | 2015-05-19 | 1 |
| COD Hotfix for intraquery parallel deadlock | 12.0.2505 | KB #3052167 | 2015-05-19 | 1 |
| COD Hotfixes for SSIS / CCI | 12.0.2504 | KB #3058512 | 2015-05-05 | 2 (2) |
| RTM Cumulative Update #7 | 12.0.2495 | KB #3046038 | 2015-04-23 | 47 (41) |
| COD Hotfix for Parallel Batch-Mode Deadlock | 12.0.2488 | KB #3048751 | 2015-04-01 | 1 |
| COD Hotfix for Availability Groups with CLR UDTs | 12.0.2485 | KB #3042370 | 2015-03-16 | 1 |
| RTM Cumulative Update #6 | 12.0.2480 | KB #3031407 | 2015-02-16 | 64 (55) |
| COD Hotfix for AGs NOT SYNCHRONIZING | 12.0.2474 | KB #3034679 | 2015-02-04 | 1 |
| This hotfix addresses availability groups reporting as NOT SYNCHRONIZING, an issue caused by CU #5 below. That issue is documented in KB #3033492 and explained further in this SQL Server blog post. | ||||
| COD Hotfix for SSMS (Azure SQL Database) | 12.0.2472 | KB #3032087 | 2015-01-28 | 1 |
| COD Hotfix for query compile waits | 12.0.2464 | KB #3024815 | 2015-01-05 | 1 |
| This hotfix helps alleviate RESOURCE_SEMAPHORE_QUERY_COMPILE waits during concurrent compilation of large queries. A trace flag is also required (-T6498). | ||||
| RTM Cumulative Update #5 | 12.0.2456 | KB #3011055 | 2014-12-17 | 54 (48) |
| Cumulative Update #5 introduced a known issue with Availability Groups reporting as NOT SYNCHRONIZING. | ||||
| COD Hotfix for Availability Groups remote hardening | 12.0.2436 | KB #3014867 | 2014-11-27 | 1 |
| RTM Cumulative Update #4 | 12.0.2430 | KB #2999197 | 2014-10-21 | 66 (54) |
| RTM Cumulative Update #3 | 12.0.2402 | KB #2984923 | 2014-08-18 | 40 (32) |
| MS14-044 QFE Security Update | 12.0.2381 | KB #2984340 | 2014-08-12 | 1 |
| A denial of service / privilege escalation vulnerability was identified and patched August 12, 2014. It is described in Security Bulletin MS14-044 and KB #2984340. | ||||
| RTM Cumulative Update #2 | 12.0.2370 | KB #2967546 | 2014-06-27 | 52 (48) |
| RTM Cumulative Update #1 | 12.0.2342 | KB #2931693 | 2014-04-21 | 121 (114) |
| RTM GDR builds below – for non-CU path | ||||
| RTM GDR TLS 1.2 Update | 12.0.2271 | KB #3098856 | 2016-01-29 | 3 (3) |
| Includes TLS 1.2 support (see KB #3135244 and the Release Services blog for more details). | ||||
| Security Bulletin MS15-058 | 12.0.2269 | KB #3045324 | 2015-07-13 | 2 (2) |
| This GDR update patches a vulnerability which could allow remote code execution. More details in Security Bulletin MS15-058 and KB #3065718. | ||||
| Security Bulletin MS14-044 | 12.0.2254 | KB #2984340 | 2014-08-12 | 1 |
|
A denial of service / privilege escalation vulnerability was identified and patched August 12, 2014. It is described in Security Bulletin MS14-044 and KB #2984340. |
||||
| RTM | 12.0.2000 | 2014-04-01 | ||
