About SQL 2016 patch

Copper Contributor

After SQL 2016 has been patched with SQL (CVE-2022-29143), can't the 2021 or 2020 patch be applied again? Or, the new ones cover the old ones, thank you!

After SQL 2016 was patched with SQL (CVE-2022-29143), the Microsoft SQL privilege escalation vulnerability (CVE-2021-1636), the Microsoft SQL Server Reporting Services security vulnerability (CVE-2020-0618), and the Microsoft SQL Server buffer error vulnerability (CVE-2018-8273) could not be patched. It was the new one. Can't the old one be patched again? Or, the new ones cover the old ones, thank you!

2 Replies

 


After SQL 2016 has been patched with SQL (CVE-2022-29143), can't the 2021 or 2020 patch be

@Yangbo_Liu , there are no SQL Server version 2020/21, so what are you are talking about?

CU = "Cumulative Updates" are cumulative and that means each includes the updates of the previous updates.

Is the SQL 2016 patched with the new one (CVE-2022-29143), the old one (CVE-2021-1636,CVE-2020-0618,CVE-2018-8273) can't be patched? Or,Is the new ones cover the old ones?Look forward to your reply,thank you!