The Lasernet Server and Lasernet Meta installers install Microsoft OLE DB Driver for SQL Server. However, Lasernet 9.15.5 (and earlier) and Lasernet 10.5.2 (and earlier) install a version of the driver (18.3.0) that has the following vulnerability: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38169

This vulnerability is resolved in Microsoft OLE DB Driver for SQL Server 18.6.7.

To ensure that this vulnerability is not present on Lasernet servers (Server app) or clients (Meta app), use one of the following methods to upgrade the installed driver to version 18.6.7:

• Manually upgrade Microsoft OLE DB Driver for SQL Server to version 18.6.7. To do this, download the software from Microsoft and install it. The download link for the software is on the following page: https://learn.microsoft.com/en-us/sql/connect/oledb/release-notes-for-oledb-driver-for-sql-server?view=sql-server-ver16#1867

• Upgrade to Lasernet 9.15.6 or Lasernet 10.6. These versions of Lasernet install Microsoft OLE DB Driver for SQL Server 18.6.7.