Security Updates KB4505221 -- A remote code execution vulnerability exists in Microsoft SQL |
Server when it incorrectly handles processing of internal functions. An attacker who |
successfully exploited this vulnerability could execute code in the context of the SQL Server |
Database Engine service account. To exploit the vulnerability, an authenticated attacker |
would need to submit a specially crafted query to an affected SQL server. The security |
update addresses the vulnerability by modifying how the Microsoft SQL Server Database |
Engine handles the processing of functions. |