Microsoft’s new security bulletin MS15-058 describes security vulnerabilities that could allow remote code execution – or what we call in the business, “a bad time.” There are security updates listed for each version of SQL Server in that post, and we’ve updated the links on SQLServerUpdates.com.
Note that SQL Server 2014 SP1 is not affected by this issue, but while they have your attention, they’re also suggesting that 2014 SP1 issues install a fix for an issue that was only giving partial query results for columnstore indexes. (Hey, explains why they’re so doggone fast.)