Share via

Is CVE-2025-29803 affecting SSMS 20.2.0 which comes with Visual Studio Tools for Applications 2019

Anonymous
2025-06-20T07:12:49.6633333+00:00

I would like to check for "Security advisories 20.2.1", it states for "CVE-2025-29803" that "If you have already installed SSMS 20.2 or an earlier version installed on your machine, you are not exposed to this vulnerability.".

I am using SSMS 20.2.0 which comes with Visual Studio Tools for Applications 2019, am i exposed to CVE-2025-29803?
References: https://learn.microsoft.com/en-us/ssms/release-notes-20

SQL Server Database Engine
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Erland Sommarskog 134.1K Reputation points MVP Volunteer Moderator
    2025-06-20T09:11:45.6166667+00:00

    I don't know anything about this vulnerability as such, but the inference of the sentence above is: Yes, you are.

    In any case, SSMS is frequently updated, and there is little reason to stay with an old version. SSMS 21 has been out for a while now, and I would recommend that you download and install SSMS 21.

    Since SSMS 21 installs in parallel with SSMS 20, I would also recommend that you either uninstall SSMS 20.0.2, or upgrade SSMS 20 to 20.2 to make sure that you are not exposed to this vulnerability.

    Was this answer helpful?

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.