 | | The Complete Weekly Roundup of SQL Server News by SQLServerCentral.com | | Hand-picked content to sharpen your professional edge |
|
The New Wave of Security Threats We've had quite a few GDR patches for SQL Server released this year. If I glance at the Build Lists I maintain, I see Sept 2025, Nov 2025, Jan 2026, and Mar 2026 GDR patches. That seems rather frequent as the history of builds for recent versions has often seen them without any GDR, out-of-band patches. Just CU after CU every other month. That pattern of rare security updates might be changing for lots of software, not just SQL Server. There was an article recently that noted AI tools might start exposing lots of bugs, including security holes, in software that has been around for years. Someone recently used AI found bugs in both PostgreSQL and MariaDB that have been around for years. They are patched, so if you run those platforms, make sure you patch things. The information is out there and someone is looking to take advantage of it. Anthropic built a new model, Mythos, which has not been released publicly. It's been given to a few customers who have used it in testing, and it seems that it might be more capable than expected at finding bugs. Hopefully, we will find out how good it is soon and lots of companies can use it to examine software. It's certainly a danger as hackers and criminals might use it, but I believe that (responsible) information disclosure is better for everyone. This is also a good reminder that you need to patch your systems. I certainly get wary about updating on day 1, but I do try to patch without too much of a lag. There are no shortage of zero-day attacks, but I also weigh the risk of instability from patches of questionable quality. Many vendors do a great job of patches and upgrades most of the time, but "many" and "most" aren't "all", so I prefer to let others test early. Someone has to apply the patches on day 1, but I don't want it to be me. Security is getting harder, it's getting more burdensome, and it's becoming more important. At the same time, lots of people are building better security with new tools, including AI. Just make sure you apply those patches to take advantage of their work. Steve Jones - SSC Editor Join the debate, and respond to the editorial on the forums |
| The Weekly News | | All the headlines and interesting SQL Server information that we've collected over the past week, and sometimes even a few repeats if we think they fit. |
| AI/Machine Learning/Cognitive Services |
Researchers warn that AI-built apps are exposing sensitive medical, financial, and business data, raising new security concerns around vibe coding. The post Thousands of AI ‘Vibe Coding’ Apps May Expose... |
Every major model out there can summarise documents, write code and answer multi step questions – then if you decide to go with a specific vendor based on costs... The... |
If you've seen one developer recounting how their AI agent deleted production, you've seen them all. They're mostly not interesting stories. It's like watching someone speeding through traffic on... |
| Administration of SQL Server |
Test SQL Server Backup Performance For Free Chapters *00:00:00* – Introduction *00:00:30* – Free Stuff on GitHub *00:01:00* – Stored Procedure Overview *00:01:27* – Backup Performance Factors *00:01:57* –... |
Learn how managed identities in SQL Server 2025 enhance security by eliminating passwords and enabling seamless Microsoft Entra authentication for Azure resources.… The post What are managed identities in SQL... |
| Career, Employment, and Certifications |
Is your company hiring for a database position as of May 2026? Do you wanna work with the kinds of people who read this blog? Let’s make a love... |
PlanTrace: Stop Reading Redshift EXPLAIN Plans. St... |
When starting with AWS RDS Aurora for managing relational databases in the cloud, many data engineers face the challenge of leveraging its cutting-edge features while maintaining performance and reliability.... The... |
| Computing in the Cloud (Azure, Google, AWS) |
I went to sleep while reading a Kindle book on my ... |
Practical cloud migration go-live tips: planning, team readiness, rollback strategy, testing, and post-migration checks for a smooth deployment.… The post How to ensure successful deployment of a cloud migration appeared... |
| Conferences, Classes, Events, and Webinars |
Times and tech are changing quickly. Let’s get you up to speed on the latest developments to do your work more quickly with a series of free live webcasts.... |
Advanced T-SQL Triage: I’m Coming to Zagreb On Friday, June 12th, I’ll be in Zagreb, Croatia, running my full-day workshop Advanced T-SQL Triage: The Art of Fixing Terrible Code... |
In this post, I’m going to walk you through installing the new Entra ID module so you can manage your Microsoft 365 cloud with PowerShell. It only takes a... |
This is Week 1 of PowerShell Strikes Back – a four-week May series for SQL Server DBAs who have dabbled in PowerShell but never stopped to nail down the... The... |
| ETL/SSIS/Azure Data Factory/Biml |
It's time for T-SQL Tuesday #198! This month's topic is change detection. The post T-SQL Tuesday #198 Invitation: How Do You Detect Data Changes? first appeared on Data Savvy. The post... |
| Microsoft Fabric ( Azure Synapse Analytics, OneLake, ADLS, Data Science) |
Have you ever wished you could see what your data looked like last Tuesday? With time travel in Microsoft Fabric Warehouse, you can! Time travel in Microsoft Fabric Warehouse... |
I really think it is ideal to use a workspace iden... |
Model Context Protocol, or MCP, is one of those technical ideas that sounds more complicated than it really is. The easiest way to think about it is this: MCP... The... |
| Performance Tuning SQL Server |
Learn T-SQL With Erik: Clustered Tables, Page Splits, and Readaheads Chapters *00:00:00* – Introduction to Clustered and Heaps *00:07:52* – Clustered Indexes and B-Trees *00:13:32* – Heap Tables Explained... |
Learn T-SQL With Erik: Heap Table Problems with Updates and Deletes Chapters *00:00:00* – Introduction *00:01:01* – SQL Server Specific Content *00:02:01* – Free Resources *00:03:11* – Upcoming SQL... |
In recent years, we’ve seen an upturn in adoption of the open-source database engine PostgreSQL. Commercial databases like Oracle and SQL Server can become quite expensive as applications grow... |
PostgreSQL 19 expands MultiXactOffset to 64 bits, eliminating a real outage failure mode. So when do regular transaction IDs get the same treatment? |
Aurora PostgreSQL separates compute and storage, replicating redo records across three Availability Zones. |
Raising autovacuum_max_workers above 3 won't speed up vacuum unless you also increase autovacuum_vacuum_cost_limit—the I/O budget is divided among workers, not… |
The window for new features in PostgreSQL 19 has closed with the Commitfest PG19-Final on April 9th. 182 patches were committed in this commitfest alone (plus more in the... |
PostgreSQL 19 eliminates the 32-bit MultiXactOffset ceiling that has crashed high-concurrency FK-heavy clusters at 3 a.m. |
| PowerPivot/PowerQuery/PowerBI |
Many Power BI developers view tables and matrix visuals as the enemy. They dislike building them, and often think, “the user is just going to export this to Excel anyway.” But here’s the thing: tables and matrix visuals have an important business case, and sometimes a well-structured table communicates data far better than any chart would. |
A slicer cannot filter a measure: let’s analyze this common request by explaining how to use a slicer to filter a measure, after discussing the real meaning of using... |
Video by: Reid HavensThe single biggest concept separating DAX beginners from confident report builders is context. This interactive guide breaks down how Power BI evaluates every formula you write:... |
A slicer cannot filter a measure. In this article, we analyze this common request by explaining how to use a slicer to filter a measure, after discussing the real... |
| Product Reviews and Articles |
This happened to me recently after being busy with non-data modeling tasks for a few weeks. I went to add a relationship and was confused about the behavior. Read... The... |
| Product Upgrades and Releases |
Deploy Redgate Test Data Manager into your own AWS... |
AWS announces the general availability of the AWS MCP Server, a managed remote Model Context Protocol (MCP) server that gives AI agents and coding assistants secure, authenticated access to... |
Introduction These are my SQL Server Diagnostic Information Queries for May 2026, aka my DMV Diagnostic Queries. They allow you to get a very comprehensive view of the configuration... |
I’m getting more and more into data engineering these days and having used R for a long time, I’m seeing a lot of problems that look nail-shaped to my R-shaped hammer. The available tools to solve those problems exist for (presumably) very good reasons, so I wanted to take some time to dig into how to use them and compare their workflows to what I would otherwise naively do in R. |
By this point, two things should be very clear: Your access model is not a clean hierarchy.It behaves like a graph of inherited, interconnected permissions. Which leads to a... |
Everyone is adopting AI coding tools. Engineers are writing code faster than ever. But are organizations actually delivering value faster? That’s not obvious. I wrote Enabling Microservice Success with... |
| T-SQL and Query Languages |
Learn how the SQL COALESCE function works, with practical examples for handling NULL values, setting defaults, and writing cleaner, more reliable queries.… The post Why COALESCE might be the most... |
Three T-SQL features that have shipped over the last few releases and quietly retired patterns many of us are still using out of habit. Each replaces a stale workaround... |
Security researcher Alexander Hanff says Chrome is quietly installing a 4GB AI model, raising concerns over consent, storage, and emissions. The post Google Chrome Reportedly Installs 4GB AI Model Without... |
The Pentagon expanded classified AI deals to Nvidia, Microsoft, AWS, and Reflection AI, renewing scrutiny of military AI safeguards and vendor rules. The post Pentagon Adds Nvidia, Microsoft, Amazon, and... |
The most significant tension in this issue is between two companies making different decisions about how to handle AI with frontier security capabilities. Anthropic restricted Claude Mythos to a... |
Two facts. The same week. 99% of US enterprises consider themselves AI-ready. 88% believe they are ahead of their competitors. 60% of those same organizations cite data management and governance... |
This is more or less a personal pep talk to myself as I navigate a few months of activity outside of the normal work week and I was feeling... |
Today's anonymous submitter sends us some code that just makes your mind go… blank when you look at it. public static boolean isNull(String value) { return StringUtils.isBlank(value); } StringUtils.isBlank comes from the Apache... |
| Tools for Dev (SSMS, ADS, VS, etc.) |
This post is for people interested in setting up a... |
  | This email has been sent to {email}. To be removed from this list, please click here. If you have any problems leaving the list, please contact the webmaster@sqlservercentral.com. This newsletter was sent to you because you signed up at SQLServerCentral.com. Note: This is not the SQLServerCentral.com daily newsletter list, and unsubscribing to this newsletter will not stop you receiving the SQL Server Central daily newsletters. If you want to be removed from that list, you can follow the instructions on the daily newsletter. |
|
|
