Blog Post

SQL Server Blog
7 MIN READ

Update: Security hotfixes released for ODBC and OLE DB drivers for SQL Server

DavidEngelMS's avatar
DavidEngelMS
Icon for Microsoft rankMicrosoft
Apr 09, 2024

We've released hotfix packages for the following drivers to address important security issues:

 

 

Related CVEs for these updates are the following:

 

For ODBC:

 

For OLE DB:

 

All the issues involve connecting to a malicious server that sends malicious data in order to compromise a client. These driver updates are available via Microsoft Update, standalone download, and are included in the SQL Server 2019 and SQL Server 2022 updates that released April 9, 2024.

 

Next steps

For Windows installations, automatic updates will be provided via Microsoft Update or you can download the packages directly:

  • Microsoft ODBC Driver 17 for SQL Server (version 17.10.6 download)
  • Microsoft ODBC Driver for SQL Server (version 18.3.3 download)
  • Microsoft OLE DB Driver 18 for SQL Server (version 18.7.2 download)
  • Microsoft OLE DB Driver 19 for SQL Server (version 19.3.3 download)

Linux and macOS packages for ODBC are also available and can be updated via package managers on most platforms. For installation details and manual instructions, see the online instructions for Linux or macOS.

 

**** UPDATE ****

If you need the packages from the Microsoft Update catalog, unfortunately those weren't uploaded with unique names. Here is a table to help you to identify and download them. These packages are wrappers around the MSI packages and only perform a silent install/update. The update package for Microsoft OLE DB Driver 19 for SQL Server also includes the VC Runtime to ensure a seamless update from OLE DB driver version 19.2 or lower.

 

Microsoft ODBC Driver 17 for SQL Server

x64 CHS - Chinese (Simplified, China) msodbcsql_e51f599f4d7dc61657737475032aeaa032c33955.exe
x64 CHT - Chinese (Traditional, Taiwan) msodbcsql_964848d9a5f626785a4a284953a28591b8cd5fb2.exe
x64 DEU - German (Germany) msodbcsql_6f1fecd9db5c96a531579663094f9027d9b5d2d8.exe
x64 ENU - English (United States) msodbcsql_3be4cf889ad6c6334b15ac136d57321cbca28026.exe
x64 ESN - Spanish (Spain, International Sort) msodbcsql_c1b6ef0bf792bac8882f639a9c812d0f862b3837.exe
x64 FRA - French (France) msodbcsql_8b92761090a40302481a2634ad47bcfbc1b6927e.exe
x64 ITA - Italian (Italy) msodbcsql_e7c8c703bc0fb1886fbc71d9526b949c871d35b6.exe
x64 JPN - Japanese (Japan) msodbcsql_ccd4b3f52ae639daf0d7ab3f90e8582707d00a38.exe
x64 KOR - Korean (Korea) msodbcsql_f612d2e9575fbb4e7fd5518c9b66dc63a910c7ee.exe
x64 PTB - Portuguese (Brazil) msodbcsql_484b66ed7c2430d2cbaae4245e19c56a40d21793.exe
x64 RUS - Russian (Russia) msodbcsql_d1ec4a696a0067b2284ea8d07eeea19edf8cd197.exe
x86 CHS - Chinese (Simplified, China) msodbcsql_89a7195b4995e261f228eb23bcc921f0562e5d38.exe
x86 CHT - Chinese (Traditional, Taiwan) msodbcsql_056f06d3242ea0ee028e6d6e4c66ea83ba3a7ff3.exe
x86 DEU - German (Germany) msodbcsql_5c78125b31280f6d593dbc37bbc9e888f80dbf93.exe
x86 ENU - English (United States) msodbcsql_8d894d5d9d52be9c8afaf04cebe7c0e26ef1f50e.exe
x86 ESN - Spanish (Spain, International Sort) msodbcsql_0b915a083268a540200396c79bb6e8468fe269a1.exe
x86 FRA - French (France) msodbcsql_9630db4b9616b469c15ee26f92218bf8f37a612f.exe
x86 ITA - Italian (Italy) msodbcsql_a6a50dafcc046e1e975ad2a9126927bb7c27cc87.exe
x86 JPN - Japanese (Japan) msodbcsql_f391827671f33c7245783e8888ed97d5fb8247bc.exe
x86 KOR - Korean (Korea) msodbcsql_45d24645bfe966616f2ae14af9a47ed7c8bf866e.exe
x86 PTB - Portuguese (Brazil) msodbcsql_c501e52dd16c1f474cf16b87897eca7ce68e26e1.exe
x86 RUS - Russian (Russia) msodbcsql_4df8e9a04a74db8c8b69c732ceee09ff043ed613.exe

 

Microsoft ODBC Driver 18 for SQL Server

arm64 CHS - Chinese (Simplified, China) msodbcsql_d6429322aeffce17b62fcd08d794525eb12c53dd.exe
arm64 CHT - Chinese (Traditional, Taiwan) msodbcsql_3ca79964a0eacbc23ac02e14449817e09eba5f5f.exe
arm64 DEU - German (Germany) msodbcsql_11b74070966835e7d8888ad7747d88fa99419f33.exe
arm64 ENU - English (United States) msodbcsql_ce484e3fcbd3f469bdb3a111db3fa54dd6b05680.exe
arm64 ESN - Spanish (Spain, International Sort) msodbcsql_8c8764147aee5b640a3bab87c44f341e71d88374.exe
arm64 FRA - French (France) msodbcsql_2bf88aceb9d63cfeca296a36834a5663487d0e6e.exe
arm64 ITA - Italian (Italy) msodbcsql_114aeac50d098f51c5927ebc0f7f029f92dcda95.exe
arm64 JPN - Japanese (Japan) msodbcsql_29fba293f1e87ebabc6343350b576e46a2c46340.exe
arm64 KOR - Korean (Korea) msodbcsql_a79158f22e7934783403888a95ef99fc2faa3d5a.exe
arm64 PTB - Portuguese (Brazil) msodbcsql_6ec2fa6f16799a040bb46eb37b000b59bec57128.exe
arm64 RUS - Russian (Russia) msodbcsql_20e3076b9649b4750b0845480cc2e7fbfbf74841.exe
x64 CHS - Chinese (Simplified, China) msodbcsql_68f6348c2d82c528b4f9aeb4f633120f87c4f86e.exe
x64 CHT - Chinese (Traditional, Taiwan) msodbcsql_790a632f2d36b01c8d2e25ebf2b87c4d3308aae5.exe
x64 DEU - German (Germany) msodbcsql_d25a73bfc9f9aa99421ed4fd4b9b4a1f7960b08c.exe
x64 ENU - English (United States) msodbcsql_af0d0c6e2384cd58d940c5befcfb549d03a99c03.exe
x64 ESN - Spanish (Spain, International Sort) msodbcsql_ec35907c14361ff11a5a133d9bb24fd12b4fdac1.exe
x64 FRA - French (France) msodbcsql_7a4c0f154d2de1b2017089324933bf2d2b6c56aa.exe
x64 ITA - Italian (Italy) msodbcsql_969c33d28dd334fd532b4299327dc0c7081e828c.exe
x64 JPN - Japanese (Japan) msodbcsql_3cc35f29c4e706bbd7f318b019b259472ca4bc73.exe
x64 KOR - Korean (Korea) msodbcsql_983724aa898fc9bd21a29fed0f1283e64473637e.exe
x64 PTB - Portuguese (Brazil) msodbcsql_88eaff47a03caa9de49c5004e52222d00a59d0f8.exe
x64 RUS - Russian (Russia) msodbcsql_a5145f70bba5ba53e84da41eca8e38bc1c743ad5.exe
x86 CHS - Chinese (Simplified, China) msodbcsql_2b37c611084d8f3ca3452cad22bd10e9b0d3aa88.exe
x86 CHT - Chinese (Traditional, Taiwan) msodbcsql_e7bff1ce25ae6af17a36633b76fecb0993a0fccd.exe
x86 DEU - German (Germany) msodbcsql_f8621f5b0a2ef0f1a1580c61920537a8c8468c8d.exe
x86 ENU - English (United States) msodbcsql_920514c996e468ec569483f0d4af563ecae9f59b.exe
x86 ESN - Spanish (Spain, International Sort) msodbcsql_0f12cf99cf17361132e5dc1f776291f578bc8e2f.exe
x86 FRA - French (France) msodbcsql_8d975621f42ef15b09c4d3690a7a953ee639e058.exe
x86 ITA - Italian (Italy) msodbcsql_95d5fed8d736bae71db73d3b43167ae6de1f27d2.exe
x86 JPN - Japanese (Japan) msodbcsql_e82e5ba78145cec63b11b4fb7d4ba48b6c6a13d0.exe
x86 KOR - Korean (Korea) msodbcsql_90e91234beccc15e321c28ef7dffbabf7a013614.exe
x86 PTB - Portuguese (Brazil) msodbcsql_7ab9a44d07ba8c53956616809886accbd00d4292.exe
x86 RUS - Russian (Russia) msodbcsql_3505a66ff98f79a3ae7020a6700da840d6d7bf0d.exe

 

Microsoft OLE DB Driver 19 for SQL Server

arm64 CHS - Chinese (Simplified, China) msoledbsql_43acd336d217059e95f6267c1047e22f9a9f02b4.exe
arm64 CHT - Chinese (Traditional, Taiwan) msoledbsql_08caa43437a3fa37c0fa0ff6b809ea4fddf3944f.exe
arm64 DEU - German (Germany) msoledbsql_c7ef56c839fcd3c2be993a4a13eef0051706f853.exe
arm64 ENU - English (United States) msoledbsql_f732d80410a3b89594d623c8880d9eedf544b34b.exe
arm64 ESN - Spanish (Spain, International Sort) msoledbsql_6dae4f609414d7c4a6bfa68efc7bf37923c19a50.exe
arm64 FRA - French (France) msoledbsql_6c26f847df1825567fef8bb18d87a5fa1047a91c.exe
arm64 ITA - Italian (Italy) msoledbsql_d6066ced3849d03dffd6f044d350fe022abed76d.exe
arm64 JPN - Japanese (Japan) msoledbsql_0c749d690a294324ac8f1bc8aae1353c18c1e050.exe
arm64 KOR - Korean (Korea) msoledbsql_756cf258183f652973a01a0cb011c616d6ffaa80.exe
arm64 PTB - Portuguese (Brazil) msoledbsql_af22dfb5dcb8b82d39278c0672351f00d991212a.exe
arm64 RUS - Russian (Russia) msoledbsql_16572090fc33574865c2ccea67a74aadf49bfd20.exe
x64 CHS - Chinese (Simplified, China) msoledbsql_5123e478fe7abcaa9abd20e567993b39d7dfc31f.exe
x64 CHT - Chinese (Traditional, Taiwan) msoledbsql_58d818cc0de54f08ce9cacc37c8ed3bb22fed4a1.exe
x64 DEU - German (Germany) msoledbsql_e3db452afaa7d4ba8f9830a55fe356efe6f7679a.exe
x64 ENU - English (United States) msoledbsql_5d9ba7fc85b7a2c1ba9d68a1acc7b5f326e91657.exe
x64 ESN - Spanish (Spain, International Sort) msoledbsql_cc6911066dfda194a2abdfff241eb75e66f04d0d.exe
x64 FRA - French (France) msoledbsql_10a313d9fa513419c38eb4db20cf118ce1551907.exe
x64 ITA - Italian (Italy) msoledbsql_97763d7eb7e790d636db19fe41749a8aaec1963c.exe
x64 JPN - Japanese (Japan) msoledbsql_f0789875353f35ce2910875bf14aeac675e3a7f7.exe
x64 KOR - Korean (Korea) msoledbsql_ae6b59478c68bd09f83b237dbb2e3761d517a8b4.exe
x64 PTB - Portuguese (Brazil) msoledbsql_30e98fe757911508e02cd83d5cb4c19c38020262.exe
x64 RUS - Russian (Russia) msoledbsql_822563f17bf8894291e895a9296d8b0902c7cea5.exe
x86 CHS - Chinese (Simplified, China) msoledbsql_f378efad44b17bae7d2931769ff6e14875ed1fb9.exe
x86 CHT - Chinese (Traditional, Taiwan) msoledbsql_33b3ed6e2939d25433d3bd9b2cb3acb75c6a8615.exe
x86 DEU - German (Germany) msoledbsql_21395c39a135cec883e9e5133bafb6f38a2733e4.exe
x86 ENU - English (United States) msoledbsql_cace0407fc56c6ff5c585feeedaa07572be9f3d3.exe
x86 ESN - Spanish (Spain, International Sort) msoledbsql_cd3774f2157befe556311137b852d9a1801eb693.exe
x86 FRA - French (France) msoledbsql_37ddfdabbe39af42ce0f79852cbe850b42edf8f6.exe
x86 ITA - Italian (Italy) msoledbsql_7afb76bccb20bff7e675e72c1ce9adfe871448b5.exe
x86 JPN - Japanese (Japan) msoledbsql_20547cce52cbe8fe6793ed4cd34ca4e1b37f06e1.exe
x86 KOR - Korean (Korea) msoledbsql_61e5659ba6b5877b426fe907610798ee3d26b2ef.exe
x86 PTB - Portuguese (Brazil) msoledbsql_c5eb044240673596798b5cc24a5bb2caa0504109.exe
x86 RUS - Russian (Russia) msoledbsql_419c7abd7409ae93d17e0e39f9e6fefce4b230ef.exe

 

Microsoft OLE DB Driver for SQL Server

x64 CHS - Chinese (Simplified, China) msoledbsql_c6eaf03bfc1a2525700ce9fc9632808b48de3127.exe
x64 CHT - Chinese (Traditional, Taiwan) msoledbsql_17c28829408308a42bb4de1b89f2d99eebcfcd4e.exe
x64 DEU - German (Germany) msoledbsql_e475bb9ef48e729f6cd7023adff2d2e2a7c6984d.exe
x64 ENU - English (United States) msoledbsql_428a3a836d88fc9f1c24343fcd35492c81363f12.exe
x64 ESN - Spanish (Spain, International Sort) msoledbsql_98b75adf71f7172c7ae389566136961fde68b47f.exe
x64 FRA - French (France) msoledbsql_78185ad29efd9557f86e5c6ff294a29dd3b1488f.exe
x64 ITA - Italian (Italy) msoledbsql_93218beb8bf5923ab70723ed2395fa79838ed181.exe
x64 JPN - Japanese (Japan) msoledbsql_6c2e9a456b4785232154f23045c73a98e583beb0.exe
x64 KOR - Korean (Korea) msoledbsql_a9334f6716909d291395a9604034433572858e4a.exe
x64 PTB - Portuguese (Brazil) msoledbsql_6f72c61285ea7026b9495b68a57e623bc98d482b.exe
x64 RUS - Russian (Russia) msoledbsql_e202f01788700d1ea2314365af5efe23ce950f4c.exe
x86 CHS - Chinese (Simplified, China) msoledbsql_9039268f21bfd17cd1a1dfe7343085f93f170ac5.exe
x86 CHT - Chinese (Traditional, Taiwan) msoledbsql_0e45e3f6a31a9be4e81366945623e34381fd1462.exe
x86 DEU - German (Germany) msoledbsql_83338f79d888effa92687f7b7218eca3e80995b7.exe
x86 ENU - English (United States) msoledbsql_0e9a44639617a426644c993cf9a358c0373f0fb3.exe
x86 ESN - Spanish (Spain, International Sort) msoledbsql_025c4a6e49548bd6958d0de9f29ee3d7cf3e5390.exe
x86 FRA - French (France) msoledbsql_7b0502f137fbcaa4e600c7d70bf6a12ac0456524.exe
x86 ITA - Italian (Italy) msoledbsql_fd3674366567eb2544aac86d0c62167ff2be8ca0.exe
x86 JPN - Japanese (Japan) msoledbsql_0b9eede5c7bb8441fd881929a2298a5664fddcf1.exe
x86 KOR - Korean (Korea) msoledbsql_306c3c8273d2e73cee2d5dc2369907fda3f1b6f1.exe
x86 PTB - Portuguese (Brazil) msoledbsql_cf1b47d862375c1e7d65a93d6978d2d0f8bd8d90.exe
x86 RUS - Russian (Russia) msoledbsql_84579da9d6eab022b52c6724ab61c799a254deff.exe

 

How do I know what version of a driver I have installed?

On Windows, look in Add or remove programs. The version is shown with the installed package. Additionally, you can look at the file properties of the installed files and inspect the Product Version field in the Details. Here are the main files for each driver:

 

    • Microsoft ODBC Driver 17 for SQL Server - %Windir%\system32\msodbcsql17.dll
    • Microsoft ODBC Driver 18 for SQL Server - %Windir%\system32\msodbcsql18.dll
    • Microsoft OLE DB Driver for SQL Server - %Windir%\system32\msoledbsql.dll
    • Microsoft OLE DB Driver 19 for SQL Server - %Windir%\system32\msoledbsql19.dll

On Linux you can use package manager commands to view the version of the installed ODBC driver package. Or you can look directly at the files, which live in /opt/microsoft/msodbcsql17/lib64/ or /opt/microsoft/msodbcsql18/lib64/ and have the version in their name: libmsodbcsql-17.X.so.X.X or libmsodbcsql-18.X.so.X.X.

 

Roadmap

We are committed to improving quality and bringing more feature support for connecting to SQL Server Azure SQL Database Azure SQL DW, and Azure SQL Managed Instance through regular driver releases. We invite you to explore the latest the Microsoft Data Platform has to offer via a trial of Microsoft Azure SQL Database or by evaluating Microsoft SQL Server.

David Engel

Updated Sep 24, 2024
Version 4.0
sqlserverdrivers
  • DavidEngelMS's avatar
    DavidEngelMS
    Icon for Microsoft rankMicrosoft
    Sep 17, 2024

    pmandad That seems like a problem with the caching network backing the packages.microsoft.com repository. I'm guessing it was intermittent. Is it still happening?

  • pmandad's avatar
    pmandad
    Copper Contributor
    Sep 11, 2024

    Hello DavidEngelMS

     

    I am trying to build my code using ubuntu-22.04 using Azure Pipelines and it fails when I am trying to setup odbc driver 18. It fails 

    with the following error : 

     

    #7 8.662 The following NEW packages will be installed:
    #7 8.663 mssql-tools18
    #7 8.796 0 upgraded, 1 newly installed, 0 to remove and 22 not upgraded.
    #7 8.796 Need to get 211 kB of archives.
    #7 8.796 After this operation, 0 B of additional disk space will be used.
    #7 8.796 Ign:1 https://packages.microsoft.com/ubuntu/23.04/prod lunar/main amd64 mssql-tools18 amd64 18.4.1.1-1
    #7 9.858 Ign:1 https://packages.microsoft.com/ubuntu/23.04/prod lunar/main amd64 mssql-tools18 amd64 18.4.1.1-1
    #7 11.92 Ign:1 https://packages.microsoft.com/ubuntu/23.04/prod lunar/main amd64 mssql-tools18 amd64 18.4.1.1-1
    #7 15.99 Err:1 https://packages.microsoft.com/ubuntu/23.04/prod lunar/main amd64 mssql-tools18 amd64 18.4.1.1-1
    #7 15.99 Could not handshake: A TLS fatal alert has been received. [IP: ]
    #7 16.00 E: Failed to fetch https://pmc-geofence.trafficmanager.net/ubuntu/23.04/prod/pool/main/m/mssql-tools18/mssql-tools18_18.4.1.1-1_amd64.deb?geofence=true Could not handshake: A TLS fatal alert has been received. [IP: ]
    #7 16.00 E: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing?
    #7 ERROR: process "/bin/sh -c curl https://packages.microsoft.com/keys/microsoft.asc | apt-key add - && curl https://packages.microsoft.com/config/ubuntu/23.04/prod.list > /etc/apt/sources.list.d/mssql-release.list && apt update && ACCEPT_EULA=Y apt install -y --no-install-recommends --allow-unauthenticated msodbcsql18 && ACCEPT_EULA=Y apt install -y --no-install-recommends --allow-unauthenticated mssql-tools18 && echo 'export PATH=\"$PATH:/opt/mssql-tools18/bin\"' >> ~/.bash_profile && echo 'export PATH=\"$PATH:/opt/mssql-tools18/bin\"' >> ~/.bashrc" did not complete successfully: exit code: 100
    ------
     
    This builds were running good until a week ago. 
     
    I would really appreciate any suggestions.
     
    Thank you,
    Pradeep 
  • DavidEngelMS's avatar
    DavidEngelMS
    Icon for Microsoft rankMicrosoft
    Aug 26, 2024

    RKB08 

    Different major versions of the drivers install side by side and are considered different applications. You need to download the latest update for the major version of the existing install.

     

    David

  • RKB08's avatar
    RKB08
    Copper Contributor
    Aug 24, 2024

    Hello

     

    We have standalone instances for SQL, when I am updating the ODBC, OLE they are getting installed as new instances not upgrading the exiting ones?  

     

    Is there any specific switches I have to use to upgrade the existing not install a new instance?

     

    Any help will be highly appreciated

     

    Kindest Regards

    RKB

     

     

  • jbruns2019's avatar
    jbruns2019
    Brass Contributor
    Jul 29, 2024

    How do I know what version of a driver I have installed?

    let's add "how do I know what architectures of a driver I have installed?  There are x86 and x64 versions for all of this.  How do we get a complete inventory?

     

    Idea:  Throw together a powershell script (that runs on 5.1) which will output a nice report with versions, paths, architectures, dates etc.

     

    This helps a little.

     

    [System.Diagnostics.FileVersionInfo]::GetVersionInfo("C:\Windows\System32\msoledbsql.dll")
    [System.Diagnostics.FileVersionInfo]::GetVersionInfo("C:\Windows\System32\msodbcsql17.dll")
    [System.Diagnostics.FileVersionInfo]::GetVersionInfo("C:\Windows\System32\msodbcsql18.dll")
    [System.Diagnostics.FileVersionInfo]::GetVersionInfo("C:\Windows\System32\msodlebsql19.dll")
    [System.Diagnostics.FileVersionInfo]::GetVersionInfo("C:\Windows\SysWow64\msoledbsql.dll")
    [System.Diagnostics.FileVersionInfo]::GetVersionInfo("C:\Windows\SysWow64\msodbcsql17.dll")
    [System.Diagnostics.FileVersionInfo]::GetVersionInfo("C:\Windows\SysWow64\msodbcsql18.dll")
    [System.Diagnostics.FileVersionInfo]::GetVersionInfo("C:\Windows\SysWow64\msodlebsql19.dll")
     
  • Michael_Dawson's avatar
    Michael_Dawson
    Copper Contributor
    Jun 24, 2024

    Does anyone know how I can test if KB5037570 is installed using PowerShell?

  • DavidEngelMS's avatar
    DavidEngelMS
    Icon for Microsoft rankMicrosoft
    Jun 18, 2024

    shivahsvs 

     

    A standalone installation of the ODBC or OLE DB drivers can't control applications or services that might use it. If an application has driver files locked, the application will either need to be stopped or the driver installation will require a reboot.

     

    SQL Server 2019 and 2022 both use those drivers (earlier SQL Server versions do not). As an alternative to using the standalone driver installers, you can install the latest update for SQL Server 2019/2022, which includes the latest ODBC/OLEDB driver in it. This way the SQL Server installer will stop/start its own services as part of the install.

     

    Regards,

    David

  • shivahsvs's avatar
    shivahsvs
    Copper Contributor
    Jun 18, 2024

    DavidEngelMS Thank you for sharing this useful article.

     

    While manually updating ODBC drivers, we had to stop SQL Agent service, because setup says the file is already in use.
    While manually updating OLEDB drivers, we had to stop SQL Agent Service and the SQL DB Engine service, because setup says the file is already in use.

     

    We noticed this is happening only on SQL Server 2019 or 2022 servers. We did not have to stop SQL Agent or DB engine services in SQL Server 2016 or earlier version servers. Is this a known issue from Microsoft side? Is there any way to update the ODBC/OLE DB drivers without stopping the SQL Agent or DB Engine services on SQL server 2019 or 2022 servers?

  • _xblane's avatar
    _xblane
    Copper Contributor
    Jun 05, 2024

    Thanks DavidEngelMS 

    I tried the above workaround on a server with OLE 19, ie, creating "HKLM\Software\Microsoft\Microsoft ODBC Driver 18 for SQL Server". The server was then able to detect the OLE update. I tried the workaround on a server with OLE 18 as well, this also allowed the server to detect the update.