Post reply

CVE-2019-1068 and CU4 for SP3

  • September 13, 2019 at 5:33 am

    #3679706

    Hello, i have probably dumb question but i cant find good answer so far.

    Does CU4 for SP3 (for SQL 2014 ofc) mitigates CVE-2019-1068 voulnerabilty. Here is my thinking so far:

    1. Yes - because  CU4 was released after that voulnerability and after fix for it was availabl
    2. No - because its not on list of fixes for CU4
    3. Yes - because CU4 upgrades SQL to version not listed as affected here: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1068
    4. No - because CU4 is not listed as remediation for this vulnerability on page from point 3.

    Thats pretty much it. As you can see im kinda torn apart. Any clarification would be most welcome.

  • September 14, 2019 at 6:10 am

    #3680029

    Thanks for posting your issue and hopefully someone will answer soon.

    This is an automated bump to increase visibility of your question.

Viewing 2 posts - 1 through 1 (of 1 total)

You must be logged in to reply to this topic. Login to reply