It apparently addresses a long-standing flaw in code that was repeatedly used in SQL Server from 2000 on. Unpatched, it can allow a remote-code execution on affected platforms.

Since so many consecutive versions of SQL server are being patched by the same update, it indicates the update is addressing the same problem in all the versions, says Alex Horan, a product manager at Core Security. Generally one patch deals with a single flaw. "So from that I conclude this is the same issue (and therefore the same code) across these versions," he writes in an email.

Tim Greene covers Microsoft for Network World and writes the Mostly Microsoft blog. Reach him at tgreene@nww.com and follow him on Twitter @Tim_Greene.

in Network World's Wide Area Network section.