KB5029185 is the cumulative update number 4 for SQL Server 2014 SP 3. The security update was released on 10 October 2023 as part of the ‘Patch Tuesday’ project.
Salient points
- KB5029185 is a cumulative update. It supersedes KB5021045 released in February 2023.
- KB5029185 updates the SQL Server Product version to 12.0.6449.1 and the file version to 2014.120.6449.1.
- Cumulative Update 4 for SQL Server 2014 SP 3 was released first under KB4500181 in July 2019.
- There have been multiple updates after the original CU 4 update. The current Cumulative Update 4 GDR is the 8th such update.
- KB5029185 resolves a single security vulnerability CVE-2023-36728. Brief details of the vulnerability are shared below.
- To install KB5029185, you need SQL Server 2019 SP3 or any SQL Server 2019 SP3 CU release.
- KB5029185 is available for the x86 and x64 platforms.
- KB5029185 security update for x86 platform is SQLServer2014-KB5029185-x86.exe. The file hash is 71EADC1F5F494C4832FCF4A23863A0FA6448C189B49A8C25F38D45CF1C35E953.
- KB5029185 security update for x64 platform is SQLServer2014-KB5029185-x64.exe. The file hash is 380C9ACE3D4598BB3E90A83443F5DB6A66FA1E9C5FF10B48EC38C65C98C63CCF.
- KB5029185 is available for SQL Server 2014 SP3 versions 12.0.6205.1 to 12.0.6444.4.
Download KB5029185
KB5029185 Cumulative Update 4 can be automatically deployed using the Windows Update program.
For manual deployments, you can download the executable installer file from the Microsoft Update Catalog site. Or, you could use the Microsoft Download Center to download the executable for KB5029185.
The installer files are available for SQL Server 2014 SP3 x86 and x64 editions.
We have also shared the direct download links for the KB5029185 files for x86 and x64 editions of SQL Server 2014 SP 3..
- Download KB5029185 from the Microsoft Update Catalog site
- Download KB5029185 for x86 edition – the size of the file is 379.5 MB.
- Download KB5029185 for x64 edition – the size of the file is 602.3 MB.
- Download KB5029185 from Microsoft Download Center
When you install the KB5029185 update file for the SQL Server 2014 SP3 CU 4, the server will reboot. So, we do suggest carrying out the installation of KB5029185 in an organized change process.
Vulnerability
KB5029185 resolves a security vulnerability in SQL Server 2014 SP3 CU 4. The details are listed below:
| CVE Details | CVSS Score | Severity | Impact | Comments |
|---|---|---|---|---|
| CVE-2023-36728 | 5.5 | Important | Denial of Service | An attacker could impact the availability of the service resulting in Denial of Service (DoS). |
KB5029185 – Changelog
The following issues or bugs are fixed in KB5029185.
- Bug ID – 2512429. It affects the SQL Server Engine
- Bug Description – An attacker can send a malformed TDS (Tabular Data Stream) packet that causes a login failure, unavailability, or other undefined behavior.
October 2023 Security Updates
You may be interested in reading more about other October 2023 security or cumulative updates shared below:
- KB5030333 SQL Server 2019 Cumulative Update 23
- KB5029378 SQL Server 2019 Cumulative Update 22 GDR
- KB5029503 SQL Server 2022 CU 8 Cumulative Update
- Windows 10 – KB5031377 Cumulative Update
- Windows 10 version 1809 – KB5031361
- Windows 10 version 1607 – KB5031362
- KB5031358 Cumulative Update for Windows 11 version 21H2
- KB5029377 Security Update for SQL Server 2019 GDR
- KB5031354 Cumulative Update for Windows 11 version 22H2
- KB5031356 for Windows 10 versions 21H2 and 22H2
- KB5031901 Update for .NET 7.0
- KB5031407 Security Update for Windows Server 2012 R2
- KB5031427 Security Update for Windows Server 2012
- KB5031419 Monthly Rollup for Windows Server 2012 R2
- KB5031442 Monthly Rollup Update for Windows Server 2012
- KB5031364 Cumulative Update for Windows Server 2022
- KB5031362 Cumulative Update for Windows Server 2016
- KB5031361 Cumulative Update for Windows Server 2019
Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.