How could an attacker exploit this vulnerability? An authenticated attacker could exploit the vulnerability by executing a specially crafted query using $ partition against a table with a Column Store index. There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use? First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components. Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install. Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates. Update number Title Apply if current product version is… This security update also includes servicing releases up through… 5014356 Security update for SQL Server 2019 RTM GDR: June 14, 2022 15.0.2000.5 - 15.0.2080.9 KB 4583458 - Previous SQL19 RTM GDR 5014353 Security update for SQL Server 2019 RTM CU16: June 14, 2022 15.0.4003.23 - 15.0.4223.1 KB 5011644 – SQL19 RTM CU16 5014354 Security update for SQL Server 2017 RTM GDR: June 14, 2022 14.0.1000.169 - 14.0.2037.2 KB4583456 - Previous SQL17 RTM GDR 5014553 Security update for SQL Server 2017 RTM CU29: June 14, 2022 14.0.3006.16 - 14.0.3436.1 KB5010786 – SQL17 RTM CU29 5014365 Security update for SQL Server 2016 Service Pack 2 (GDR): June 14, 2022 13.0.5026.0 - 13.0.5103.6 KB4583460 - Previous SQL16 SP2 GDR 5014351 Security update for SQL Server 2016 Service Pack 2 CU17: June 14, 2022 13.0.5149.0 - 13.0.5888.11 KB5001092 – SQL SP2 CU17 5014355 Security update for SQL Server 2016 Service Pack 3 (GDR): June 14, 2022