Blog Post

SQL Server Blog

7 MIN READ

Update: Security hotfixes released for ODBC and OLE DB drivers for SQL Server

DavidEngelMS

Microsoft

Apr 09, 2024

We've released hotfix packages for the following drivers to address important security issues:

Microsoft ODBC Driver 17 for SQL Server (version 17.10.6 release notes / download)
Microsoft ODBC Driver 18 for SQL Server (version 18.3.3 release notes / download)
Microsoft OLE DB Driver for SQL Server (version 18.7.2 release notes / download)
Microsoft OLE DB Driver 19 for SQL Server (version 19.3.3 release notes / download)

Related CVEs for these updates are the following:

For ODBC:

For OLE DB:

All the issues involve connecting to a malicious server that sends malicious data in order to compromise a client. These driver updates are available via Microsoft Update, standalone download, and are included in the SQL Server 2019 and SQL Server 2022 updates that released April 9, 2024.

Next steps

For Windows installations, automatic updates will be provided via Microsoft Update or you can download the packages directly:

Microsoft ODBC Driver 17 for SQL Server (version 17.10.6 download)
Microsoft ODBC Driver for SQL Server (version 18.3.3 download)
Microsoft OLE DB Driver 18 for SQL Server (version 18.7.2 download)
Microsoft OLE DB Driver 19 for SQL Server (version 19.3.3 download)

Linux and macOS packages for ODBC are also available and can be updated via package managers on most platforms. For installation details and manual instructions, see the online instructions for Linux or macOS.

**** UPDATE ****

If you need the packages from the Microsoft Update catalog, unfortunately those weren't uploaded with unique names. Here is a table to help you to identify and download them. These packages are wrappers around the MSI packages and only perform a silent install/update. The update package for Microsoft OLE DB Driver 19 for SQL Server also includes the VC Runtime to ensure a seamless update from OLE DB driver version 19.2 or lower.

Microsoft ODBC Driver 17 for SQL Server

x64	CHS - Chinese (Simplified, China)	msodbcsql_e51f599f4d7dc61657737475032aeaa032c33955.exe
x64	CHT - Chinese (Traditional, Taiwan)	msodbcsql_964848d9a5f626785a4a284953a28591b8cd5fb2.exe
x64	DEU - German (Germany)	msodbcsql_6f1fecd9db5c96a531579663094f9027d9b5d2d8.exe
x64	ENU - English (United States)	msodbcsql_3be4cf889ad6c6334b15ac136d57321cbca28026.exe
x64	ESN - Spanish (Spain, International Sort)	msodbcsql_c1b6ef0bf792bac8882f639a9c812d0f862b3837.exe
x64	FRA - French (France)	msodbcsql_8b92761090a40302481a2634ad47bcfbc1b6927e.exe
x64	ITA - Italian (Italy)	msodbcsql_e7c8c703bc0fb1886fbc71d9526b949c871d35b6.exe
x64	JPN - Japanese (Japan)	msodbcsql_ccd4b3f52ae639daf0d7ab3f90e8582707d00a38.exe
x64	KOR - Korean (Korea)	msodbcsql_f612d2e9575fbb4e7fd5518c9b66dc63a910c7ee.exe
x64	PTB - Portuguese (Brazil)	msodbcsql_484b66ed7c2430d2cbaae4245e19c56a40d21793.exe
x64	RUS - Russian (Russia)	msodbcsql_d1ec4a696a0067b2284ea8d07eeea19edf8cd197.exe
x86	CHS - Chinese (Simplified, China)	msodbcsql_89a7195b4995e261f228eb23bcc921f0562e5d38.exe
x86	CHT - Chinese (Traditional, Taiwan)	msodbcsql_056f06d3242ea0ee028e6d6e4c66ea83ba3a7ff3.exe
x86	DEU - German (Germany)	msodbcsql_5c78125b31280f6d593dbc37bbc9e888f80dbf93.exe
x86	ENU - English (United States)	msodbcsql_8d894d5d9d52be9c8afaf04cebe7c0e26ef1f50e.exe
x86	ESN - Spanish (Spain, International Sort)	msodbcsql_0b915a083268a540200396c79bb6e8468fe269a1.exe
x86	FRA - French (France)	msodbcsql_9630db4b9616b469c15ee26f92218bf8f37a612f.exe
x86	ITA - Italian (Italy)	msodbcsql_a6a50dafcc046e1e975ad2a9126927bb7c27cc87.exe
x86	JPN - Japanese (Japan)	msodbcsql_f391827671f33c7245783e8888ed97d5fb8247bc.exe
x86	KOR - Korean (Korea)	msodbcsql_45d24645bfe966616f2ae14af9a47ed7c8bf866e.exe
x86	PTB - Portuguese (Brazil)	msodbcsql_c501e52dd16c1f474cf16b87897eca7ce68e26e1.exe
x86	RUS - Russian (Russia)	msodbcsql_4df8e9a04a74db8c8b69c732ceee09ff043ed613.exe

Microsoft ODBC Driver 18 for SQL Server

arm64	CHS - Chinese (Simplified, China)	msodbcsql_d6429322aeffce17b62fcd08d794525eb12c53dd.exe
arm64	CHT - Chinese (Traditional, Taiwan)	msodbcsql_3ca79964a0eacbc23ac02e14449817e09eba5f5f.exe
arm64	DEU - German (Germany)	msodbcsql_11b74070966835e7d8888ad7747d88fa99419f33.exe
arm64	ENU - English (United States)	msodbcsql_ce484e3fcbd3f469bdb3a111db3fa54dd6b05680.exe
arm64	ESN - Spanish (Spain, International Sort)	msodbcsql_8c8764147aee5b640a3bab87c44f341e71d88374.exe
arm64	FRA - French (France)	msodbcsql_2bf88aceb9d63cfeca296a36834a5663487d0e6e.exe
arm64	ITA - Italian (Italy)	msodbcsql_114aeac50d098f51c5927ebc0f7f029f92dcda95.exe
arm64	JPN - Japanese (Japan)	msodbcsql_29fba293f1e87ebabc6343350b576e46a2c46340.exe
arm64	KOR - Korean (Korea)	msodbcsql_a79158f22e7934783403888a95ef99fc2faa3d5a.exe
arm64	PTB - Portuguese (Brazil)	msodbcsql_6ec2fa6f16799a040bb46eb37b000b59bec57128.exe
arm64	RUS - Russian (Russia)	msodbcsql_20e3076b9649b4750b0845480cc2e7fbfbf74841.exe
x64	CHS - Chinese (Simplified, China)	msodbcsql_68f6348c2d82c528b4f9aeb4f633120f87c4f86e.exe
x64	CHT - Chinese (Traditional, Taiwan)	msodbcsql_790a632f2d36b01c8d2e25ebf2b87c4d3308aae5.exe
x64	DEU - German (Germany)	msodbcsql_d25a73bfc9f9aa99421ed4fd4b9b4a1f7960b08c.exe
x64	ENU - English (United States)	msodbcsql_af0d0c6e2384cd58d940c5befcfb549d03a99c03.exe
x64	ESN - Spanish (Spain, International Sort)	msodbcsql_ec35907c14361ff11a5a133d9bb24fd12b4fdac1.exe
x64	FRA - French (France)	msodbcsql_7a4c0f154d2de1b2017089324933bf2d2b6c56aa.exe
x64	ITA - Italian (Italy)	msodbcsql_969c33d28dd334fd532b4299327dc0c7081e828c.exe
x64	JPN - Japanese (Japan)	msodbcsql_3cc35f29c4e706bbd7f318b019b259472ca4bc73.exe
x64	KOR - Korean (Korea)	msodbcsql_983724aa898fc9bd21a29fed0f1283e64473637e.exe
x64	PTB - Portuguese (Brazil)	msodbcsql_88eaff47a03caa9de49c5004e52222d00a59d0f8.exe
x64	RUS - Russian (Russia)	msodbcsql_a5145f70bba5ba53e84da41eca8e38bc1c743ad5.exe
x86	CHS - Chinese (Simplified, China)	msodbcsql_2b37c611084d8f3ca3452cad22bd10e9b0d3aa88.exe
x86	CHT - Chinese (Traditional, Taiwan)	msodbcsql_e7bff1ce25ae6af17a36633b76fecb0993a0fccd.exe
x86	DEU - German (Germany)	msodbcsql_f8621f5b0a2ef0f1a1580c61920537a8c8468c8d.exe
x86	ENU - English (United States)	msodbcsql_920514c996e468ec569483f0d4af563ecae9f59b.exe
x86	ESN - Spanish (Spain, International Sort)	msodbcsql_0f12cf99cf17361132e5dc1f776291f578bc8e2f.exe
x86	FRA - French (France)	msodbcsql_8d975621f42ef15b09c4d3690a7a953ee639e058.exe
x86	ITA - Italian (Italy)	msodbcsql_95d5fed8d736bae71db73d3b43167ae6de1f27d2.exe
x86	JPN - Japanese (Japan)	msodbcsql_e82e5ba78145cec63b11b4fb7d4ba48b6c6a13d0.exe
x86	KOR - Korean (Korea)	msodbcsql_90e91234beccc15e321c28ef7dffbabf7a013614.exe
x86	PTB - Portuguese (Brazil)	msodbcsql_7ab9a44d07ba8c53956616809886accbd00d4292.exe
x86	RUS - Russian (Russia)	msodbcsql_3505a66ff98f79a3ae7020a6700da840d6d7bf0d.exe

Microsoft OLE DB Driver 19 for SQL Server

arm64	CHS - Chinese (Simplified, China)	msoledbsql_43acd336d217059e95f6267c1047e22f9a9f02b4.exe
arm64	CHT - Chinese (Traditional, Taiwan)	msoledbsql_08caa43437a3fa37c0fa0ff6b809ea4fddf3944f.exe
arm64	DEU - German (Germany)	msoledbsql_c7ef56c839fcd3c2be993a4a13eef0051706f853.exe
arm64	ENU - English (United States)	msoledbsql_f732d80410a3b89594d623c8880d9eedf544b34b.exe
arm64	ESN - Spanish (Spain, International Sort)	msoledbsql_6dae4f609414d7c4a6bfa68efc7bf37923c19a50.exe
arm64	FRA - French (France)	msoledbsql_6c26f847df1825567fef8bb18d87a5fa1047a91c.exe
arm64	ITA - Italian (Italy)	msoledbsql_d6066ced3849d03dffd6f044d350fe022abed76d.exe
arm64	JPN - Japanese (Japan)	msoledbsql_0c749d690a294324ac8f1bc8aae1353c18c1e050.exe
arm64	KOR - Korean (Korea)	msoledbsql_756cf258183f652973a01a0cb011c616d6ffaa80.exe
arm64	PTB - Portuguese (Brazil)	msoledbsql_af22dfb5dcb8b82d39278c0672351f00d991212a.exe
arm64	RUS - Russian (Russia)	msoledbsql_16572090fc33574865c2ccea67a74aadf49bfd20.exe
x64	CHS - Chinese (Simplified, China)	msoledbsql_5123e478fe7abcaa9abd20e567993b39d7dfc31f.exe
x64	CHT - Chinese (Traditional, Taiwan)	msoledbsql_58d818cc0de54f08ce9cacc37c8ed3bb22fed4a1.exe
x64	DEU - German (Germany)	msoledbsql_e3db452afaa7d4ba8f9830a55fe356efe6f7679a.exe
x64	ENU - English (United States)	msoledbsql_5d9ba7fc85b7a2c1ba9d68a1acc7b5f326e91657.exe
x64	ESN - Spanish (Spain, International Sort)	msoledbsql_cc6911066dfda194a2abdfff241eb75e66f04d0d.exe
x64	FRA - French (France)	msoledbsql_10a313d9fa513419c38eb4db20cf118ce1551907.exe
x64	ITA - Italian (Italy)	msoledbsql_97763d7eb7e790d636db19fe41749a8aaec1963c.exe
x64	JPN - Japanese (Japan)	msoledbsql_f0789875353f35ce2910875bf14aeac675e3a7f7.exe
x64	KOR - Korean (Korea)	msoledbsql_ae6b59478c68bd09f83b237dbb2e3761d517a8b4.exe
x64	PTB - Portuguese (Brazil)	msoledbsql_30e98fe757911508e02cd83d5cb4c19c38020262.exe
x64	RUS - Russian (Russia)	msoledbsql_822563f17bf8894291e895a9296d8b0902c7cea5.exe
x86	CHS - Chinese (Simplified, China)	msoledbsql_f378efad44b17bae7d2931769ff6e14875ed1fb9.exe
x86	CHT - Chinese (Traditional, Taiwan)	msoledbsql_33b3ed6e2939d25433d3bd9b2cb3acb75c6a8615.exe
x86	DEU - German (Germany)	msoledbsql_21395c39a135cec883e9e5133bafb6f38a2733e4.exe
x86	ENU - English (United States)	msoledbsql_cace0407fc56c6ff5c585feeedaa07572be9f3d3.exe
x86	ESN - Spanish (Spain, International Sort)	msoledbsql_cd3774f2157befe556311137b852d9a1801eb693.exe
x86	FRA - French (France)	msoledbsql_37ddfdabbe39af42ce0f79852cbe850b42edf8f6.exe
x86	ITA - Italian (Italy)	msoledbsql_7afb76bccb20bff7e675e72c1ce9adfe871448b5.exe
x86	JPN - Japanese (Japan)	msoledbsql_20547cce52cbe8fe6793ed4cd34ca4e1b37f06e1.exe
x86	KOR - Korean (Korea)	msoledbsql_61e5659ba6b5877b426fe907610798ee3d26b2ef.exe
x86	PTB - Portuguese (Brazil)	msoledbsql_c5eb044240673596798b5cc24a5bb2caa0504109.exe
x86	RUS - Russian (Russia)	msoledbsql_419c7abd7409ae93d17e0e39f9e6fefce4b230ef.exe

Microsoft OLE DB Driver for SQL Server

x64	CHS - Chinese (Simplified, China)	msoledbsql_c6eaf03bfc1a2525700ce9fc9632808b48de3127.exe
x64	CHT - Chinese (Traditional, Taiwan)	msoledbsql_17c28829408308a42bb4de1b89f2d99eebcfcd4e.exe
x64	DEU - German (Germany)	msoledbsql_e475bb9ef48e729f6cd7023adff2d2e2a7c6984d.exe
x64	ENU - English (United States)	msoledbsql_428a3a836d88fc9f1c24343fcd35492c81363f12.exe
x64	ESN - Spanish (Spain, International Sort)	msoledbsql_98b75adf71f7172c7ae389566136961fde68b47f.exe
x64	FRA - French (France)	msoledbsql_78185ad29efd9557f86e5c6ff294a29dd3b1488f.exe
x64	ITA - Italian (Italy)	msoledbsql_93218beb8bf5923ab70723ed2395fa79838ed181.exe
x64	JPN - Japanese (Japan)	msoledbsql_6c2e9a456b4785232154f23045c73a98e583beb0.exe
x64	KOR - Korean (Korea)	msoledbsql_a9334f6716909d291395a9604034433572858e4a.exe
x64	PTB - Portuguese (Brazil)	msoledbsql_6f72c61285ea7026b9495b68a57e623bc98d482b.exe
x64	RUS - Russian (Russia)	msoledbsql_e202f01788700d1ea2314365af5efe23ce950f4c.exe
x86	CHS - Chinese (Simplified, China)	msoledbsql_9039268f21bfd17cd1a1dfe7343085f93f170ac5.exe
x86	CHT - Chinese (Traditional, Taiwan)	msoledbsql_0e45e3f6a31a9be4e81366945623e34381fd1462.exe
x86	DEU - German (Germany)	msoledbsql_83338f79d888effa92687f7b7218eca3e80995b7.exe
x86	ENU - English (United States)	msoledbsql_0e9a44639617a426644c993cf9a358c0373f0fb3.exe
x86	ESN - Spanish (Spain, International Sort)	msoledbsql_025c4a6e49548bd6958d0de9f29ee3d7cf3e5390.exe
x86	FRA - French (France)	msoledbsql_7b0502f137fbcaa4e600c7d70bf6a12ac0456524.exe
x86	ITA - Italian (Italy)	msoledbsql_fd3674366567eb2544aac86d0c62167ff2be8ca0.exe
x86	JPN - Japanese (Japan)	msoledbsql_0b9eede5c7bb8441fd881929a2298a5664fddcf1.exe
x86	KOR - Korean (Korea)	msoledbsql_306c3c8273d2e73cee2d5dc2369907fda3f1b6f1.exe
x86	PTB - Portuguese (Brazil)	msoledbsql_cf1b47d862375c1e7d65a93d6978d2d0f8bd8d90.exe
x86	RUS - Russian (Russia)	msoledbsql_84579da9d6eab022b52c6724ab61c799a254deff.exe

How do I know what version of a driver I have installed?

On Windows, look in Add or remove programs. The version is shown with the installed package. Additionally, you can look at the file properties of the installed files and inspect the Product Version field in the Details. Here are the main files for each driver:

Microsoft ODBC Driver 17 for SQL Server - %Windir%\system32\msodbcsql17.dll
Microsoft ODBC Driver 18 for SQL Server - %Windir%\system32\msodbcsql18.dll
Microsoft OLE DB Driver for SQL Server - %Windir%\system32\msoledbsql.dll
Microsoft OLE DB Driver 19 for SQL Server - %Windir%\system32\msoledbsql19.dll

On Linux you can use package manager commands to view the version of the installed ODBC driver package. Or you can look directly at the files, which live in /opt/microsoft/msodbcsql17/lib64/ or /opt/microsoft/msodbcsql18/lib64/ and have the version in their name: libmsodbcsql-17.X.so.X.X or libmsodbcsql-18.X.so.X.X.

Roadmap

We are committed to improving quality and bringing more feature support for connecting to SQL Server Azure SQL Database Azure SQL DW, and Azure SQL Managed Instance through regular driver releases. We invite you to explore the latest the Microsoft Data Platform has to offer via a trial of Microsoft Azure SQL Database or by evaluating Microsoft SQL Server.

David Engel

Updated Sep 24, 2024

Version 4.0

sqlserverdrivers

DavidEngelMS

Microsoft

Joined January 22, 2020

View Profile

SQL Server Blog

Follow this blog board to get notified when there's new activity

26 Comments

pmandad
Copper Contributor
Sep 18, 2024
DavidEngelMS Yes it's intermittent. Thank you for your response.
DavidEngelMS
Microsoft
Sep 17, 2024
pmandad That seems like a problem with the caching network backing the packages.microsoft.com repository. I'm guessing it was intermittent. Is it still happening?
pmandad
Copper Contributor
Sep 11, 2024
Hello DavidEngelMS,

I am trying to build my code using ubuntu-22.04 using Azure Pipelines and it fails when I am trying to setup odbc driver 18. It fails
with the following error :

#7 8.662 The following NEW packages will be installed:
#7 8.663 mssql-tools18
#7 8.796 0 upgraded, 1 newly installed, 0 to remove and 22 not upgraded.
#7 8.796 Need to get 211 kB of archives.
#7 8.796 After this operation, 0 B of additional disk space will be used.
#7 8.796 Ign:1 https://packages.microsoft.com/ubuntu/23.04/prod lunar/main amd64 mssql-tools18 amd64 18.4.1.1-1
#7 9.858 Ign:1 https://packages.microsoft.com/ubuntu/23.04/prod lunar/main amd64 mssql-tools18 amd64 18.4.1.1-1
#7 11.92 Ign:1 https://packages.microsoft.com/ubuntu/23.04/prod lunar/main amd64 mssql-tools18 amd64 18.4.1.1-1
#7 15.99 Err:1 https://packages.microsoft.com/ubuntu/23.04/prod lunar/main amd64 mssql-tools18 amd64 18.4.1.1-1
#7 15.99 Could not handshake: A TLS fatal alert has been received. [IP: ]
#7 16.00 E: Failed to fetch https://pmc-geofence.trafficmanager.net/ubuntu/23.04/prod/pool/main/m/mssql-tools18/mssql-tools18_18.4.1.1-1_amd64.deb?geofence=true Could not handshake: A TLS fatal alert has been received. [IP: ]
#7 16.00 E: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing?
#7 ERROR: process "/bin/sh -c curl https://packages.microsoft.com/keys/microsoft.asc | apt-key add - && curl https://packages.microsoft.com/config/ubuntu/23.04/prod.list > /etc/apt/sources.list.d/mssql-release.list && apt update && ACCEPT_EULA=Y apt install -y --no-install-recommends --allow-unauthenticated msodbcsql18 && ACCEPT_EULA=Y apt install -y --no-install-recommends --allow-unauthenticated mssql-tools18 && echo 'export PATH=\"$PATH:/opt/mssql-tools18/bin\"' >> ~/.bash_profile && echo 'export PATH=\"$PATH:/opt/mssql-tools18/bin\"' >> ~/.bashrc" did not complete successfully: exit code: 100
------

This builds were running good until a week ago.

I would really appreciate any suggestions.

Thank you,
Pradeep
DavidEngelMS
Microsoft
Aug 26, 2024
RKB08

Different major versions of the drivers install side by side and are considered different applications. You need to download the latest update for the major version of the existing install.

David
RKB08
Copper Contributor
Aug 24, 2024
Hello

We have standalone instances for SQL, when I am updating the ODBC, OLE they are getting installed as new instances not upgrading the exiting ones?

Is there any specific switches I have to use to upgrade the existing not install a new instance?

Any help will be highly appreciated

Kindest Regards
RKB
jbruns2019
Brass Contributor
Jul 29, 2024
How do I know what version of a driver I have installed?
let's add "how do I know what architectures of a driver I have installed? There are x86 and x64 versions for all of this. How do we get a complete inventory?

Idea: Throw together a powershell script (that runs on 5.1) which will output a nice report with versions, paths, architectures, dates etc.

This helps a little.

[System.Diagnostics.FileVersionInfo]::GetVersionInfo("C:\Windows\System32\msoledbsql.dll")
[System.Diagnostics.FileVersionInfo]::GetVersionInfo("C:\Windows\System32\msodbcsql17.dll")
[System.Diagnostics.FileVersionInfo]::GetVersionInfo("C:\Windows\System32\msodbcsql18.dll")
[System.Diagnostics.FileVersionInfo]::GetVersionInfo("C:\Windows\System32\msodlebsql19.dll")
[System.Diagnostics.FileVersionInfo]::GetVersionInfo("C:\Windows\SysWow64\msoledbsql.dll")
[System.Diagnostics.FileVersionInfo]::GetVersionInfo("C:\Windows\SysWow64\msodbcsql17.dll")
[System.Diagnostics.FileVersionInfo]::GetVersionInfo("C:\Windows\SysWow64\msodbcsql18.dll")
[System.Diagnostics.FileVersionInfo]::GetVersionInfo("C:\Windows\SysWow64\msodlebsql19.dll")
Michael_Dawson
Copper Contributor
Jun 24, 2024
Does anyone know how I can test if KB5037570 is installed using PowerShell?
DavidEngelMS
Microsoft
Jun 18, 2024
shivahsvs

A standalone installation of the ODBC or OLE DB drivers can't control applications or services that might use it. If an application has driver files locked, the application will either need to be stopped or the driver installation will require a reboot.

SQL Server 2019 and 2022 both use those drivers (earlier SQL Server versions do not). As an alternative to using the standalone driver installers, you can install the latest update for SQL Server 2019/2022, which includes the latest ODBC/OLEDB driver in it. This way the SQL Server installer will stop/start its own services as part of the install.

Regards,

David
shivahsvs
Copper Contributor
Jun 18, 2024
DavidEngelMS Thank you for sharing this useful article.

While manually updating ODBC drivers, we had to stop SQL Agent service, because setup says the file is already in use.
While manually updating OLEDB drivers, we had to stop SQL Agent Service and the SQL DB Engine service, because setup says the file is already in use.

We noticed this is happening only on SQL Server 2019 or 2022 servers. We did not have to stop SQL Agent or DB engine services in SQL Server 2016 or earlier version servers. Is this a known issue from Microsoft side? Is there any way to update the ODBC/OLE DB drivers without stopping the SQL Agent or DB Engine services on SQL server 2019 or 2022 servers?
_xblane
Copper Contributor
Jun 05, 2024
Thanks DavidEngelMS
I tried the above workaround on a server with OLE 19, ie, creating "HKLM\Software\Microsoft\Microsoft ODBC Driver 18 for SQL Server". The server was then able to detect the OLE update. I tried the workaround on a server with OLE 18 as well, this also allowed the server to detect the update.