Announcing the General Availability of Microsoft JDBC Driver 13.4 for SQL Server

Microsoft

Mar 18, 2026

We are excited to announce the General Availability (GA) of Microsoft JDBC Driver 13.4 for SQL Server. This release incorporates all improvements delivered across the 13.3.x preview cycle (13.3.0, 13.3.1, and 13.3.2) and represents a significant step forward in performance observability, AI/vector workload readiness, SQL Server 2025 compatibility, and security posture.

You can download the driver from Maven Central, Microsoft Learn, or from GitHub Releases. As with previous releases, two JAR variants are available: jre8 for Java 8 and jre11 for Java 11 and above.

Highlights

Vector (FLOAT16) Subtype Support

Building on the native VECTOR data type support introduced earlier, version 13.4 adds FLOAT16 subtype support with full IEEE-754 compliant serialization and deserialization between Java Float[] and the half-precision wire format. This enables efficient float16 vector storage and transmission for AI, embeddings, and vector search workloads—reducing memory footprint and network payload without changing the Java programming model.

Performance Logger: Connection and Statement-Level Metrics

A new performance logging framework gives developers and operators visibility into driver-level latencies. In 13.4, the logger covers:

Connection metrics: prelogin, login, and token acquisition timing via the com.microsoft.sqlserver.jdbc.PerformanceMetrics.Connection logger.
Statement metrics: granular execution phases including REQUEST_BUILD, FIRST_SERVER_RESPONSE, PREPARE, PREPEXEC, and EXECUTE for both Statement and PreparedStatement.

An extensible callback infrastructure is included for custom telemetry integration.

New prepareMethod Options

Two new prepareMethod connection property values provide fine-grained control over how the driver executes prepared statements:

prepareMethod=none — Forces literal parameter substitution with SQL batch execution, bypassing server-side prepared statement handles (sp_prepexec / sp_prepare). Only recommended for applications that require Sybase-style compatibility with DYNAMIC_PREPARE=false behavior.
prepareMethod=scopeTempTablesToConnection — This option applies the prepareMethod=none behavior only to prepared statements with references to temporary table creation. This behavior ensures temporary tables created by a prepared statement persist on the connection after the prepared statement finishes. Other prepared statements will use prepareMethod=prepexec behavior. This option is only recommended for existing applications that require this temporary table behavior.

Both options leave the default behavior unchanged.

ADAL Removed - Entra (Azure Active Directory) Integrated Authentication Modernized

The legacy ADAL dependency (`adalsql.dll`/`adal.dll`) has been fully removed. Entra ID Integrated Authentication (`Authentication=ActiveDirectoryIntegrated`) now uses mssql-auth.dll, a component installed by the latest Microsoft ODBC Driver 18 for SQL Server and Microsoft OLE DB Driver 19 for SQL Server.

Java 25 (LTS) Support

Official support for Java 25 (LTS) has been added, while non-LTS Java versions 22–24 have been removed from build configurations. This simplifies maintenance and ensures the driver is tested against the Java versions that matter most for production workloads.

SQL Server 2025 Readiness

DatabaseMetaData.getColumns() now prefers sp_columns_170 on SQL Server 2025 for accurate metadata on newer types such as VECTOR and enhanced JSON, with automatic fallback to sp_columns_100 for older versions. Combined with expanded test coverage, the driver is fully validated against SQL Server 2025.

Security Updates

Transitive dependencies have been upgraded to address multiple CVEs:

azure-identity → 1.18.2
msal4j → 1.23.1
Netty → 4.1.130.Final
Reactor Netty → 1.2.13
Nimbus JOSE JWT → 10.0.1

These updates resolve CVE-2025-59250, CVE-2025-67735, CVE-2025-53864, CVE-2025-58056, CVE-2025-58057, CVE-2025-55163, CVE-2025-24970, CVE-2025-22227, and CVE-2025-25193, with no breaking API changes.

Additionally, RFC 5280–compliant IP address validation has been added to SSL certificate SAN checks, removing the need for hostname workarounds when connecting via IP over TLS.

Bug Fixes

Version 13.4 includes a substantial number of stability and correctness fixes accumulated across the preview cycle:

Area	Fix
Cross-database stored procedures	sp_sproc_columns is now fully qualified with database.sys, fixing metadata lookup failures with named parameters across databases and eliminating schema name-squatting risks.
Nested stored procedure errors	Multiple nested RAISERROR calls now surface correctly via SQLException.getNextException() through lazy exception chaining.
Geography parsing	Scientific notation in coordinates (e.g., negative exponents in WKT) no longer causes NumberFormatException.
Bulk copy: SQL functions	Automatic fallback to standard batch execution when SQL functions like len(?) are used with useBulkCopyForBatchInsert.
Bulk copy: computed columns	Destination column validation now correctly ignores computed persisted columns, preventing false "invalid column mapping" errors.
Bulk copy: InputStream	setBinaryStream() now works correctly with Bulk Copy for Batch Insert into VARBINARY(MAX) columns.
Bulk copy: isolated quotes	Tab-delimited data with isolated quotes no longer causes IndexOutOfBoundsException.
getIndexInfo() collation	Collation conflicts in mixed-collation environments are resolved by applying COLLATE DATABASE_DEFAULT consistently.
getSchemas() catalog	Built-in schemas (dbo, sys, etc.) now return correct TABLE_CATALOG values instead of NULL.
Statement.execute() update counts	Valid update counts are no longer silently lost after an error in mixed batch execution.
PreparedStatement update counts	Accurate counts are now returned for multi-value INSERT statements with triggers.
Fatal error handling	TDS DONE tokens with fatal severity (25+) are properly detected and propagated, preventing silent failures.
TVP metadata	getParameterMetaData() no longer crashes when called on statements using Table-Valued Parameters.
supportsIntegrityEnhancementFacility	Now correctly returns true, reflecting SQL Server's full constraint support.
Azure Synapse serverless	getIndexInfo() falls back to sys.indexes when sp_statistics is unavailable.

Testing and Quality Improvements

This release reflects a significant investment in test infrastructure and coverage:

State-machine testing framework — A lightweight, seed-reproducible framework for randomized JDBC state exploration in JUnit 5, improving edge-case detection with reproducible failures.
Migrated FX regression tests — 37 legacy regression scenarios covering statement execution, ResultSet behavior, batching, cursors, and transaction flows have been migrated to JUnit with full behavioral parity.
Expanded unit test coverage — Key components including SQLServerCallableStatement, SQLServerDatabaseMetaData, SQLServerPreparedStatement, and SQLServerResultSet now have greater test coverage.
Mockito integration — Added as a test dependency for better unit test isolation and control.
AI-assisted development context — ARCHITECTURE.md, GLOSSARY.md, and PATTERNS.md have been added to guide contributors using AI coding assistants.

Getting Started

Maven:

<dependency>
    <groupId>com.microsoft.sqlserver</groupId>
    <artifactId>mssql-jdbc</artifactId>
    <version>13.4.0.jre11</version>
</dependency>

Gradle:

implementation 'com.microsoft.sqlserver:mssql-jdbc:13.4.0.jre11'

Replace jre11 with jre8 if you are on Java 8.

Breaking Changes

There are no breaking API changes in this release. The removal of the ADAL dependency for Entra ID Integrated Authentication is transparent. The only difference from previous releases is `Authentication=ActiveDirectoryIntegrated` now has a requirement that the latest Microsoft ODBC Driver 18 for SQL Server or Microsoft OLE DB Driver 19 for SQL Server be installed.