Microsoft SQL Server (not Exchange Server)
In place (and instead) of Microsoft Exchange Server, we have a special guest this month: Microsoft SQL Server. Microsoft released 38 patches for its database platform, making it one of the largest, most complex and technically challenging updates in memory.
The important thing to note here is that these updates affect how OLE (object linking and embedding), ODBC and SQL Server operate. As a critical middle layer for most business applications, this update will require significant attention from your in-house development, testing and deployment teams. It is not just a big update. It’s the multiplicative, interdependent nature of multiple cooperating systems that are being updated. Really, really.
Microsoft development platforms
Microsoft released 11 updates to the development platform, with 10 focused on Microsoft SQL ODBC issues within Microsoft Visual Studio and the other update impacting Microsoft .NET (CVE-2024-21409). This month’s .NET vulnerability has remote in the name, but it requires a local account (and permissions) and so can be added to your standard developer release schedule. The other 10 affecting SQL and ODBC? Your in-house development team will have to have an in-depth look at these updates. It could be really messy, so take your time.