KB5077471 — Security Update for SQL Server 2017 CU31

Overview

KB5077471 is a critical security update released on March 10, 2026, for Microsoft SQL Server 2017 Cumulative Update 31. This update addresses multiple high-severity vulnerabilities across SQL Server components including the Database Engine, Reporting Services, Analysis Services, and Integration Services.

Security Vulnerabilities Addressed

This security update resolves several critical vulnerabilities that could compromise SQL Server security:

Database Engine Vulnerabilities

Multiple security bypass vulnerabilities in the SQL Server Database Engine could allow authenticated users to gain unauthorized access to database objects and bypass established security boundaries. These vulnerabilities affect access control mechanisms and could lead to data exposure or unauthorized data modification.

Reporting Services Remote Code Execution

Critical vulnerabilities in SQL Server Reporting Services could allow remote code execution through specially crafted report definitions or parameters. Successful exploitation could result in complete system compromise with the privileges of the SQL Server service account.

Analysis Services Privilege Escalation

Privilege escalation vulnerabilities in SQL Server Analysis Services could allow low-privileged users to gain administrative access to SSAS instances. This could lead to unauthorized access to analytical data and administrative functions.

Integration Services Information Disclosure

Information disclosure vulnerabilities in SQL Server Integration Services could expose sensitive data during package execution or through improper logging mechanisms.

Affected Systems

This security update applies to the following systems:

Installation Requirements

Before installing KB5077471, ensure the following requirements are met:

Prerequisites

• Microsoft SQL Server 2017 Cumulative Update 31 (Build 14.0.3465.1)
• Administrative privileges on the target system
• Minimum 1 GB free disk space on the system drive
• All SQL Server services stopped during installation

Installation Methods

The update can be installed through several methods:

Manual Installation

1. Download the update package from Microsoft Update Catalog
2. Stop all SQL Server services
3. Run the update package as Administrator
4. Follow the installation wizard prompts
5. Restart the system when prompted

Enterprise Deployment

For enterprise environments, deploy through WSUS, SCCM, or Microsoft Intune using standard software update management processes.

Post-Installation Verification

After installing KB5077471, verify the installation using the following methods:

SQL Server Management Studio

Connect to the SQL Server instance and execute:

SELECT @@VERSION;

Verify that the build number reflects the security update installation.

Windows PowerShell

Use PowerShell to verify the installed update:

Get-HotFix -Id KB5077471

Event Logs

Check the Windows Application Event Log for SQL Server startup events confirming successful update installation.

Security Impact Assessment

Organizations should prioritize installation of KB5077471 due to the critical nature of the addressed vulnerabilities. The security improvements include:

• Enhanced access control validation in Database Engine
• Improved input validation in Reporting Services
• Strengthened privilege validation in Analysis Services
• Better data protection in Integration Services

Rollback Procedures

If issues occur after installation, the update can be removed through:

• Programs and Features in Control Panel
• Windows Update history
• PowerShell using Remove-WindowsFeature cmdlets