Microsoft SQL Server ↗
Summary iPlain-English security verdict for Microsoft SQL Server, generated from its current health score, actively-exploited vulnerabilities, and latest supported version.
Microsoft SQL Server's security status could not be assessed at the last sync — vulnerability data was unavailable.
Disclosure trend iNew CVEs published for Microsoft SQL Server each year (NVD). A higher bar means more disclosures that year — more scrutiny, not necessarily less safe.
Patch priority — what to act on iThe issues to fix first — actively exploited (CISA KEV) first, then by exploitation probability (EPSS), then severity. Each row's "→ fixed in" is the earliest version that patches it; "see advisory" means no fixed version is published.
No urgent unpatched issues identified. ✓
How to patch Microsoft SQL Server — step-by-step to the latest secure version →
Get alerted about Microsoft SQL Server
Be emailed the moment Microsoft SQL Server gets a newly exploited vulnerability (CISA KEV) or a release reaches end of life. Free · double opt-in · unsubscribe anytime.
We email only on real events for Microsoft SQL Server — no marketing, no sharing, and we never know what you run. Track your whole stack →
Versions & lifecycle iWhen each release line stops receiving security patches (end-of-life). After EOL there are no more fixes — plan upgrades before these dates.
How long each Microsoft SQL Server release line is supported — and when it sunsets. Select a line for its full report.
Full Microsoft SQL Server end-of-life dates & support timeline →
17.0 latest 17.0.4045.5 CU5 Supported until 2036-01-0617.0.4045.5 CU5 → 16.0 latest 16.0.4255.1 CU25 Supported until 2033-01-1116.0.4255.1 CU25 → 13.0-sp3-acp latest 13.0.7085.1 Azure Connect pack+GDR Supported until 2026-07-1413.0.7085.1 Azure Connect pack+GDR → 13.0-sp3 latest 13.0.6490.1 GDR Supported until 2026-07-1413.0.6490.1 GDR → 15.0 latest 15.0.4470.1 CU32+GDR Supported until 2030-01-0815.0.4470.1 CU32+GDR → 12.0-sp3 latest 12.0.6449.1 CU4+GDR End of life ended 2024-07-0912.0.6449.1 CU4+GDR → 13.0-sp2 latest 13.0.5893.48 CU17+GDR End of life ended 2022-10-1113.0.5893.48 CU17+GDR → 11.0-sp4 latest 11.0.7512.11 GDR End of life ended 2022-07-1211.0.7512.11 GDR → 14.0 latest 14.0.3530.2 CU31+GDR Supported until 2027-10-1214.0.3530.2 CU31+GDR → 13.0-sp1 latest 13.0.4604.0 CU15+GDR End of life ended 2019-07-0913.0.4604.0 CU15+GDR → See all upcoming end-of-life dates →Frequently asked
Is Microsoft SQL Server safe and patched?
Microsoft SQL Server's security status could not be assessed at the last sync — vulnerability data was unavailable.
What should I do about Microsoft SQL Server now?
Upgrade Microsoft SQL Server to the latest supported release (17.0.4045.5 CU5) or later and apply available security updates, then confirm against Microsoft's official advisory.
When does Microsoft SQL Server reach end-of-life?
The latest supported Microsoft SQL Server release is 17.0.4045.5 CU5. After end-of-life a release no longer receives security patches.
Which versions of Microsoft SQL Server are still receiving security updates?
Supported Microsoft SQL Server release lines (latest 17.0.4045.5 CU5): 17.0, 16.0, 13.0-sp3-acp, 13.0-sp3, 15.0, 14.0. End-of-life releases no longer receive security patches.
Informational only, from public data (NVD · CISA KEV · EPSS · endoflife.date), and can lag or miss vendor-specific fixes. Always confirm against Microsoft's official advisory before you patch or upgrade — Microsoft SQL Server official site ↗