Here is a roundup of recent security updates for SQL Server from the SQL Server Blog announcements.

Recent Posts:

• Preparing for the Deprecation of TLS 1.0 and 1.1 in Azure Databases
• Immutability: A Powerful Shield Against Ransomware in SQL Environments
• Announcing General Availability of Enhanced Server Audit for Azure SQL Database
• Convert geo-replicated databases to Hyperscale
• General Availability: Continuous Migration Assessment for SQL Server Enabled by Azure Arc
• Secure by default: What’s new in SQL Server 2025 security
• Get help preparing for your Microsoft Certification exam with Course videos

Security Updates: July 2025

• Cumulative Update #20 for SQL Server 2022 RTM
• Security Update for SQL Server 2022 RTM CU19
• Security Update for SQL Server 2022 RTM GDR
• Security Update for SQL Server 2019 RTM CU32
• Security Update for SQL Server 2019 RTM GDR
• Security Update for SQL Server 2017 RTM CU31
• Security Update for SQL Server 2017 RTM GDR
• Security Update for SQL Server 2016 SP3 Azure Connect Feature Pack
• Security Update for SQL Server 2016 SP3 GDR
• Announcing the release of SSMS 21.4.8
• Early technical preview of JDBC Driver 13.1.0 for SQL Server released
• Released: Microsoft.Data.SqlClient 6.1 Preview 2

SQL Server Delivery Model:

The SQL Server team uses a scheduled delivery model for releasing fixes and product updates. These security updates are part of Microsoft’s Servicing models for SQL Server that started with the release of SQL Server 2017. In the scheduled delivery model, a customer can receive a fix to address their most critical situations in a reasonable time. Therefore, the SQL Server team has created the following delivery mechanisms.

• A General Distribution Release (GDR) update is a patch that Microsoft releases for critical issues. They often address security problems, but not exclusively. They may be available through Windows Update and sometimes are for versions no longer supported.
• A Cumulative Update (CU) release includes all the security fixes, improvements, and occasionally new features for a major version of SQL Server since its Release to Manufacture (RTM). These are available every month for the first year of a version, and then approximately every two months until the version stops receiving mainstream support (typically 4-5 years). As of January 2024, SQL Server 2022 is on a bi-monthly servicing release schedule. SQL Server 2019 has been transitioned to extended support as of Feb 28, 2025.

Choosing Between GDR and CU updates

You can choose either GDR or CU updates depending on your corporate policy or patching plan, but you cannot easily switch from CU to GDR. It is recommended to stay up to date on the CU path and test the updates in a development or staging environment before deploying to production.

So why choose the GDR path? One main reason is that testing non-critical fixes can be costly and time-consuming. An organization may lack the resources to verify all the possible changes, so only critical GDR updates are implemented in those environments.

To see which current GDR or CU update is available, first determine which version and edition of SQL Server Database Engine is running. Next, download the SQL Server builds Excel workbook from https://aka.ms/sqlserverbuilds that contains a summary list of builds and their current support lifecycle.  The Excel file also contains detailed fix lists for SQL Server 2022, SQL Server 2019, and SQL Server 2017.