The corresponding update is the update you need to install.
Note If your SQL Server version number does not fall within any of the ranges in the table below, your SQL Server version is no longer supported.
Does the offer to update a non-vulnerable version of software constitute an issue in the Microsoft update mechanism? The update mechanism is functioning correctly in that it detects a product version for the applicable software on the system that is within the range of product versions that the update applies to and thus, offers the update. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185.
There are both GDR and QFE updates offered for SQL Server 2000. Second, in the table below, locate the version range that your SQL Server version number falls within.
The security update addresses the vulnerability by disabling the vulnerable version of the Windows common controls and replacing it with a new version that does not contain the vulnerability.
For more information about the vulnerability, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information. Customers can configure automatic updating to check online for updates from Microsoft Update by using the Microsoft Update service.
By default, supported versions of Microsoft SQL Server 2005 and Microsoft SQL Server 2008 default installations include the Windows common controls.
See also the section, Detection and Deployment Tools and Guidance, later in this bulletin. Microsoft Knowledge Base Article 2720573 documents the currently known issues that customers may experience when installing this security update.In order to address an issue involving specific digital certificates that were generated by Microsoft without proper timestamp attributes, Microsoft rereleased this bulletin to replace the KB2687323 update with the KB2726929 update for Windows common controls on all affected variants of Microsoft Office 2003, Microsoft Office 2003 Web Components, and Microsoft SQL Server 2005.For more information, see Microsoft Security Advisory 2749655.The update packages that apply to SQL Server 2005 and SQL Server 2008 are the same packages that apply to Microsoft Office.See the section, Affected Software, for more information.This includes all supported editions of Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010 (except x64-based editions), Microsoft SQL Server 2000 Analysis Services, Microsoft SQL Server 2000 (except Itanium-based editions), Microsoft SQL Server 2005 (except Microsoft SQL Server 2005 Express Edition, but including Microsoft SQL Server 2005 Express Edition with Advanced Services), Microsoft SQL Server 2008, Microsoft SQL Server 2008 R2, Microsoft Commerce Server 2002, Microsoft Commerce Server 2007, Microsoft Commerce Server 2009, Microsoft Commerce Server 2009 R2, Microsoft Host Integration Server 2004 Service Pack 1, Microsoft Visual Fox Pro 8.0, Microsoft Visual Fox Pro 9.0, and Visual Basic 6.0 Runtime.