Security Update for SQL Server 2016 SP2 (KB4505220)

Microsoft Download Center Archive

Published: 15 July 2024
Version: 13.0.5101.9
Product: Servers
Language: English

This update refreshes Microsoft SQL Server 2016 SP2

A remote code execution vulnerability exists in Microsoft SQL Server when it incorrectly handles processing of internal functions. An attacker who successfully exploited this vulnerability could execute code in the context of the SQL Server Database Engine service account.
To exploit the vulnerability, an authenticated attacker would need to submit a specially crafted query to an affected SQL server. The security update addresses the vulnerability by modifying how the Microsoft SQL Server Database Engine handles the processing of functions.

More information about the vulnerability can be found here: KB4505220

Supported SQL Server versions impacted are:
SQL Server 2016 SP2 when running on x64 processor systems.

At the current time, the following patched SQL Server security updates are available for download:
SQL Server 2014 SP2 GDR (KB4505217)
SQL Server 2014 SP2 CU17 + GDR (KB4505419)
SQL Server 2014 SP3 GDR (KB4505218)
SQL Server 2014 SP3 CU3 + GDR (KB4505422)
SQL Server 2016 SP1 GDR (KB4505219)
SQL Server 2016 SP1 CU15 + GDR (KB4505221)
SQL Server 2016 SP2 GDR (KB4505220)
SQL Server 2016 SP2 CU7 + GDR (KB4505222)
SQL Server 2017 RTM GDR (KB4505224)
SQL Server 2017 CU15 + GDR (KB4505225)

For a complete listing of the issues resolved in this update, see the associated Microsoft Knowledge Base article. After you install this update, you may have to restart your computer.

Knowledge Base Articles:	KB4505220 KB4505217 KB4505419 KB4505218 KB4505422 KB4505219 KB4505221 KB4505222 KB4505224 KB4505225

Files

Status: Live

This download is still available on microsoft.com. The downloads below will come directly from the Microsoft Download Center.

Files
SQLServer2016-KB4505220-x64.exe

File sizes and hashes are retrieved from the Wayback Machine’s indexes. They may not match the latest versions of files hosted on Microsoft servers.

System Requirements

Operating Systems: Windows 10, Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Windows 8, Windows Server 2019

This update is applicable to SQL Server 2016 SP2 instances.

Installation Instructions

Download the appropriate file for your computer's processor by clicking one of the links below. You can run the package directly from the link or save it on your local disk to install at a later time.

What is this?

Microsoft regularly deletes downloads for prior versions of Windows, Office, Visual Studio, SQL Server, and countless other products from their Download Center website. Legacy Update catalogues downloads that have been deleted from Microsoft Download Center since 2012.

Check our Microsoft Download Center Archive homepage or click Random to discover more downloads.

Deleted downloads are no longer supported by Microsoft, and may have known security vulnerabilities. After installing, check for updates using Legacy Update.

This page was generated from a snapshot of the Microsoft Download Center made on 24 November 2025.