sqlserver2022
110 TopicsCumulative Update #26 for SQL Server 2022 RTM
The 26th cumulative update release for SQL Server 2022 RTM is now available for download at the Microsoft Downloads site. Please note that registration is no longer required to download Cumulative updates. To learn more about the release or servicing model, please visit: CU26 KB Article: https://support.microsoft.com/help/5093420 Starting with SQL Server 2017, we adopted a new modern servicing model. Please refer to our blog for more details on Modern Servicing Model for SQL Server Microsoft® SQL Server® 2022 RTM Latest Cumulative Update: https://www.microsoft.com/download/details.aspx?familyid=105013 Update Center for Microsoft SQL Server: https://learn.microsoft.com/en-us/troubleshoot/sql/releases/download-and-install-latest-updates30Views0likes0CommentsSecurity Update for SQL Server 2022 RTM CU25
The Security Update for SQL Server 2022 RTM CU25 is now available for download at the Microsoft Download Center and Microsoft Update Catalog sites. This package cumulatively includes all previous security fixes for SQL Server 2022 RTM CUs, plus it includes the new security fixes detailed in the KB Article. Security Bulletins: CVE-2026-54118 - Security Update Guide - Microsoft - Microsoft SQL Server Denial of Service Vulnerability Security Update of SQL Server 2022 RTM CU25 KB Article: KB5101347 Microsoft Download Center: https://www.microsoft.com/download/details.aspx?familyid=2c52560b-6fd0-4ceb-8d60-0c540d910d01 Microsoft Update Catalog: https://www.catalog.update.microsoft.com/Search.aspx?q=5101347 Latest Updates for Microsoft SQL Server: https://learn.microsoft.com/en-us/troubleshoot/sql/releases/download-and-install-latest-updates200Views0likes0CommentsSecurity Update for SQL Server 2022 RTM
The Security Update for SQL Server 2022 RTM GDR is now available for download at the Microsoft Download Center and Microsoft Update Catalog sites. This package cumulatively includes all previous security fixes for SQL Server 2022 RTM, plus it includes the new security fixes detailed in the KB Article. Security Bulletins: CVE-2026-54118 - Security Update Guide - Microsoft - Microsoft SQL Server Denial of Service Vulnerability Security Update of SQL Server 2022 RTM GDR KB Article: KB5102334 Microsoft Download Center: https://www.microsoft.com/download/details.aspx?familyid=db5e12bd-676a-4324-b736-10053a1d34cf Microsoft Update Catalog: https://www.catalog.update.microsoft.com/Search.aspx?q=5102334 Latest Updates for Microsoft SQL Server: https://learn.microsoft.com/en-us/troubleshoot/sql/releases/download-and-install-latest-updates75Views1like0Commentsmssql-python 1.11.0: Fixes for transaction semantics, Apple Silicon imports, and bulk copy
This release is about removing friction in real production paths. It fixes transaction handling in with blocks, restores clean-machine imports on Apple Silicon, improves NULL binary parameter binding, removes a class of hangs in SSH-tunnel-style forwarding setups, and unblocks bulk copy with service principal authentication. Upgrade pip install --upgrade mssql-python Highlights with connection: now commits on success and rolls back on exception The Connection context manager now implements the documented commit-on-success / rollback-on-exception behavior when autocommit=False. The connection still closes on exit. Code like this now behaves the way most users already expected it to: import mssql_python conn = mssql_python.connect(connection_string, autocommit=False) with conn: cursor = conn.cursor() cursor.execute("INSERT INTO dbo.audit_log(message) VALUES (?)", ("created",)) If the code in the block succeeds, the insert is committed. If the code in the block raises an error, the transaction is rolled back. Apple Silicon imports work on clean machines again We fixed the bundled macOS ODBC dylib configuration for every architecture shipped in the universal2 wheel. For Apple Silicon users, this removes a frustrating failure mode where import mssql_python could point at a missing Homebrew unixODBC path on a clean machine. In 1.11.0, the bundled libraries resolve correctly without a separate unixODBC install. NULL BINARY and VARBINARY parameters bind more reliably We fixed the SQLDescribeParam ordinal remapping issue behind GitHub issue #627. 1.11.0 improves parameter binding for NULL binary values, especially in temp-table and table-variable scenarios. When automatic type resolution is not possible, the driver now gives actionable guidance instead of a vague failure, including cursor.setinputsizes() guidance for binary columns. Bug fixes worth calling out Shutdown and parameter-typing paths no longer hang SSH-tunnel-style forwarders We fixed hangs caused by holding the GIL across blocking ODBC operations. This matters most for users routing connections through an in-process Python TCP forwarder, including SSH-tunnel-style setups. Closing connections and cursors after parameterized queries, as well as executing parameterized queries containing None, no longer wedge the interpreter in those paths. Bulk copy with service principal authentication no longer freezes 1.11.0 also picks up mssql-py-core 0.1.6, which fixes a freeze affecting bulk copy with Authentication=ActiveDirectoryServicePrincipal. If you are using service principal authentication for bulk ingest workloads, this release is worth taking promptly. Upgrading For most users, pip install --upgrade mssql-python is all you need. If you had local workarounds for broken with connection: transaction behavior, Apple Silicon import issues, or binary NULL parameter binding, 1.11.0 is the release where those workarounds should become unnecessary. This is not a feature-heavy release. We opted to focus on the friction you are reporting in real production workflows: transactional with blocks now persist successful work Apple Silicon setup is smoother on clean machines binary NULL parameters are more reliable SSH-tunnel and threaded forwarding scenarios are less fragile service principal bulk copy is unblocked Thank you Thanks to everyone who filed issues, sent repros, and reviewed fixes in this cycle. Several of the changes in 1.11.0 came directly from concrete user reports in production-like environments, which made the failure modes easier to reproduce and fix. If you upgrade to 1.11.0 and hit anything unexpected, please open an issue in the repository. Repository: microsoft/mssql-python Issue tracker: open an issue Release notes: mssql-python v1.11.077Views1like0CommentsAnnouncing Microsoft.Data.SqlClient 7.0.2 and 6.1.6
We are pleased to announce the release of Microsoft.Data.SqlClient 7.0.2 and 6.1.6, stable servicing updates now available on NuGet. Both releases include: WAM broker support for supported Microsoft Entra ID authentication modes on Windows TDS parsing security hardening with strict data-length bounds checks Key bug fixes, including a SqlDataReader null-reference path and an Always Encrypted signature verification cache fix Install or update from NuGet: dotnet add package Microsoft.Data.SqlClient --version 7.0.2 or dotnet add package Microsoft.Data.SqlClient --version 6.1.6 Full release notes: 7.0.2: https://github.com/dotnet/SqlClient/releases/tag/v7.0.2 6.1.6: https://github.com/dotnet/SqlClient/releases/tag/v6.1.6 What's in these releases WAM broker support for supported Entra ID authentication modes (Windows) Both servicing releases add support for the Web Account Manager (WAM) broker in supported Entra ID authentication flows on Windows. This enables OS-brokered token handling, better single sign-on behavior with the signed-in Windows account, and improved support for Conditional Access and Windows Hello scenarios. For application code, this is exposed through ActiveDirectoryAuthenticationProviderOptions, including the UseWamBroker property. Hardened TDS token parsing The TDS parser now validates declared token data lengths against the available input buffer before reading. This improves resilience against malformed or hostile protocol payloads and helps prevent out-of-bounds token parsing behavior. For well-formed SQL Server responses, behavior is unchanged. SqlDataReader null-reference fix These releases include a fix for a SqlDataReader null-reference path in buffer-based reads. Calls that previously could fail with NullReferenceException now correctly surface argument validation errors. Always Encrypted signature-cache fix The Always Encrypted column master key signature verification cache logic was corrected so cached verification results are read and applied using the correct key and value. This prevents stale or mismatched cache outcomes from being treated as valid signature verification results. Additional note for 7.0.2 users Starting with version 7.0.2, Microsoft.Data.SqlClient and companion extension packages are version-aligned to 7.0.2. If your application references extension packages (for example Microsoft.Data.SqlClient.Extensions.Azure), upgrade them to the same version for compatibility. Getting started If you are new to Microsoft.Data.SqlClient, check out the introduction documentation: https://learn.microsoft.com/sql/connect/ado-net/introduction-microsoft-data-sqlclient-namespace For users of System.Data.SqlClient, see the porting cheat sheet: https://github.com/dotnet/SqlClient/blob/main/porting-cheat-sheet.md If you encounter any issues, please report them on GitHub: https://github.com/dotnet/SqlClient/issues337Views0likes0Commentsmssql-python 1.9.0: Row-friendly Bulk Copy, smarter NULL parameters, and a more portable wheel
We just shipped mssql-python 1.9.0, the official Microsoft SQL driver for Python. This release focuses on day-to-day ergonomics for data loading, a long-standing correctness gap around NULL parameter binding, and a build change that makes the published wheels work on clean macOS and Linux machines. pip install --upgrade mssql-python Highlights Bulk Copy now accepts Row objects (and lists) Bulk Copy previously required tuples. In 1.9.0 you can hand it Row objects straight from a SELECT, or plain lists, and the driver converts each row to a tuple internally before passing data to the Rust backend. rows = source_cursor.execute( "SELECT id, display_name, created_at FROM users" ).fetchall() target_cursor.bulkcopy("staging.users", rows) The common "fetch from one table, bulk-insert into another" pattern just works, with no manual row reshaping and no type errors on the boundary. NULL parameters now resolve to the right SQL type When you bound None to a parameter, the driver used to fall back to SQL_VARCHAR. That was fine for character columns and quietly wrong for everything else, especially VARBINARY and all-NULL columns where the server had no other type signal to lean on. 1.9.0 adds a thread-safe per-statement cache for SQLDescribeParam results, so NULL parameters resolve to the parameter's actual declared type. The cache is invalidated when a new statement is prepared, which also cuts redundant round-trips to the server during repeated executions of the same prepared statement. simdutf is now statically linked into the extension The published wheels (especially the macOS universal2 wheel) previously dynamically linked simdutf against a path that only existed on the CI build machine. On a clean install, import mssql_python could fail with missing-symbol or dlopen errors. The build no longer calls find_package(simdutf). FetchContent is used unconditionally, simdutf is built as a static library, and its symbols are embedded directly in the extension. There is nothing for end users to do; reinstall the wheel and the import works on a clean machine. Thanks to @edgarrmondragon for the contribution. Bug fixes worth calling out executemany with large Decimal values. Batch inserts of Decimal values larger than the SQL Server MONEY range raised an SQL_C_NUMERIC type-mismatch at runtime. executemany now binds DECIMAL / NUMERIC parameters as SQL_C_CHAR and sizes the column to fit the longest string representation, so large-decimal batches (including NULLs and multi-column inserts) succeed. Exception pickle round-trips. ConnectionStringParseError and the DB-API exception subclasses now implement __reduce__, so driver exceptions survive pickle / copy.deepcopy with every attribute intact. multiprocessing, distributed task queues, and anything that ships exceptions across process boundaries no longer lose context on the way through. nextset() and PRINT output. nextset() now collects diagnostic messages whenever SQL returns SQL_SUCCESS_WITH_INFO. Previously, PRINT output from secondary result sets in multi-statement batches and stored procedures was silently dropped after the first set. executemany data-at-execution path with Row objects. The DAE fallback used by large columns such as varchar(max) only recognized primitive types, so passing Row objects in that path failed. The fallback now converts Row to a tuple before mapping types. Fetch methods now type-check under ty. Catalog and metadata result-set handling no longer monkey-patches fetchone, fetchmany, and fetchall as instance attributes. A cached _column_map is built instead, so the fetch APIs stay proper class methods and static type checkers like ty stop tripping on cursor fetch calls. Upgrading For most users, pip install --upgrade mssql-python is all you need. If you had any workarounds for NULL parameter typing (manually setting inputsizes, casting in SQL, or sending sentinel values), you can drop it. If you were converting fetched rows to tuples before handing them to bulkcopy or executemany, that's no longer required either. Thanks Thanks to everyone who filed issues, sent repros, and reviewed PRs in this cycle. The NULL parameter fix, the Row handling in Bulk Copy and executemany, and the simdutf linking change all came directly from user-reported scenarios, and the simdutf change was a community contribution from @edgarrmondragon. Full changelog and PR list: microsoft/mssql-python releases.280Views0likes0Commentsmssql-python 1.8.0: friendlier Row access, Bulk Copy with MSI, and a refreshed ODBC driver
We just shipped mssql-python 1.8.0, the official Microsoft SQL Server driver for Python. This release focuses on day-to-day ergonomics, a long-requested authentication option for Bulk Copy, and a refresh of the bundled ODBC driver. pip install --upgrade mssql-python Highlights Row objects now support string-key indexing Row already supported integer indexing and attribute access. In 1.8.0 you can also index by column name, which is the pattern most users reach for first: cursor.execute("SELECT id, display_name FROM users WHERE id = ?", [42]) row = cursor.fetchone() row[0] # 42 - by index row.display_name # 'Ada' - by attribute row["display_name"] # 'Ada' - new in 1.8.0 If you set cursor.lowercase = True, string-key lookups become case-insensitive too, matching the casing behavior of attribute access. ActiveDirectoryMSI authentication for Bulk Copy Bulk Copy operations now support Authentication=ActiveDirectoryMSI, so workloads running with a managed identity (Azure VMs, App Service, Functions, Container Apps, AKS) can stream bulk inserts to Azure SQL without provisioning a separate credential. Bundled ODBC driver upgraded to 18.6.2.1 We've upgraded the bundled Microsoft ODBC Driver for SQL Server from 18.5.1.1 to 18.6.2.1. You pick up the upstream fixes and TLS/cert improvements just by upgrading the wheel. No separate ODBC install step. Bug fixes worth calling out Deferred connect-attribute use-after-free. Values passed to connection attributes set before connect are now stored in member buffers, so the driver no longer reads freed memory in some attribute-set paths. Connection string parsed multiple times in the auth path. The auth code path was reparsing the connection string several times per connect. It now operates on the already-parsed parameter dictionary, which is both faster and easier to reason about. Sensitive parameters (UID, PWD, Trusted_Connection, Authentication) are sanitized through a single canonical path before the ODBC handoff. executemany type annotation regression. seq_of_parameters now uses a covariant Sequence, so passing a list of tuples (or any covariant sequence type) type-checks cleanly again. Upgrading For most users, pip install --upgrade mssql-python is all you need. Nothing in this release is intentionally breaking. If you have type stubs or mypy pins that depended on the previous invariant seq_of_parameters annotation, you can drop the workaround. Thanks Thanks to everyone who filed issues, sent repros, and reviewed PRs in this cycle. The Row indexing and connection-string parsing work came directly from user-reported scenarios. Full changelog and PR list: microsoft/mssql-python releases.222Views0likes0CommentsSecurity Update for SQL Server 2022 RTM
The Security Update for SQL Server 2022 RTM GDR is now available for download at the Microsoft Download Center and Microsoft Update Catalog sites. This package cumulatively includes all previous security fixes for SQL Server 2022 RTM, plus it includes the new security fixes detailed in the KB Article. Security Bulletins: CVE-2026-40370 - Security Update Guide - Microsoft - SQL Server Remote Code Execution Vulnerability Security Update of SQL Server 2022 RTM GDR KB Article: KB5091158 Microsoft Download Center: https://www.microsoft.com/download/details.aspx?familyid=9edbb614-c56a-4c5a-b4dc-157d4036f44c Microsoft Update Catalog: https://www.catalog.update.microsoft.com/Search.aspx?q=5091158 Latest Updates for Microsoft SQL Server: https://learn.microsoft.com/en-us/troubleshoot/sql/releases/download-and-install-latest-updates161Views0likes0CommentsSecurity Update for SQL Server 2022 RTM CU24
The Security Update for SQL Server 2022 RTM CU24 is now available for download at the Microsoft Download Center and Microsoft Update Catalog sites. This package cumulatively includes all previous security fixes for SQL Server 2022 RTM CUs, plus it includes the new security fixes detailed in the KB Article. Security Bulletins: CVE-2026-40370 - Security Update Guide - Microsoft - SQL Server Remote Code Execution Vulnerability Security Update of SQL Server 2022 RTM CU24 KB Article: KB5089900 Microsoft Download Center: https://www.microsoft.com/download/details.aspx?familyid=34ec989d-5c02-41b7-99ec-f2c35c7a4cdf Microsoft Update Catalog: https://www.catalog.update.microsoft.com/Search.aspx?q=5089900 Latest Updates for Microsoft SQL Server: https://learn.microsoft.com/en-us/troubleshoot/sql/releases/download-and-install-latest-updates358Views0likes1CommentAnnouncing the release of Microsoft OLE DB Driver 19.4.2 for SQL Server
We're pleased to announce the general availability (GA) release of Microsoft OLE DB Driver 19.4.2 for SQL Server. This is a maintenance update to the 19.4 line that improves TLS handling, raises a long-standing connection redirection limit, refreshes the bundled authentication library, and fixes accessibility issues in the UDL dialog. Download x64 / Arm64 installer x86 installer The 64-bit MSI continues to install the appropriate binary (x64 or Arm64) automatically based on the OS platform. MSOLEDBSQL 19 installs side by side with MSOLEDBSQL 18. Prerequisite: the Microsoft Visual C++ Redistributable must be installed before running the driver installer. What's new in 19.4.2 Features added Feature Details SSL/TLS improvements Improved SSL/TLS handling for better security and performance. 10 redirects per connection The driver no longer caps connection redirections at 2, which removes a long-standing failure mode for workloads that hit redirection-heavy topologies (for example, certain Azure SQL routing scenarios). Bugs fixed Fix Details UDL accessibility defects Fixed accessibility issues in the Universal Data Link (UDL) dialog. Updated authentication library Microsoft SQL Driver Authentication library (mssql-auth.dll) updated to version 1.1.3. mssql-auth.dll is the ADAL replacement introduced in 19.4.1 and is installed as part of the driver setup. Supported languages 19.4.2 is available in: Chinese (Simplified), Chinese (Traditional), Czech, English (United States), French, German, Italian, Japanese, Korean, Polish, Portuguese (Brazil), Russian, Spanish, and Turkish. Direct per-language download links are available in the Release notes and the Download page. Upgrading If you're on 19.4.1 or earlier in the 19.x line, an in-place upgrade is supported. As always, we recommend validating in a non-production environment first, especially if your application depends on the redirection or TLS behaviors touched in this release. Feedback Please file issues and feature requests on the Microsoft OLE DB Driver for SQL Server feedback site or via your usual support channel. Thanks to everyone who reported the UDL accessibility and redirection-limit issues that drove this release.565Views0likes0Comments