Curated SQL – A Fine Slice Of SQL Server

New SQL Server CVEs

Published 2026-04-20 by Kevin Feasel

Rebecca Lewis takes a look at a few more vulnerabilities Microsoft has patched in SQL Server:

This week’s Patch Tuesday landed three new SQL Server CVEs. Two are elevation-of-privilege bugs — familiar territory, we had three of those last month. The third one is different. CVE-2026-33120 is a remote code execution flaw in SQL Server 2022. CVSS 8.8. An authenticated, low-privileged login on the network can execute arbitrary code on your SQL Server.

Go. Patch. Now.

Click through for more information and be sure to get these patched.

Leave a Comment

Choosing a Microsoft FabricTrial Capacity Size

Published 2026-04-20 by Kevin Feasel

Heidi Hasting makes a choice:

When you provision a Microsoft Fabric trial, it spins up at F64 by default. That’s the equivalent of 64 Capacity Units — a solid chunk of compute. For most trial users, this is just the number they see and never think twice about.

But here’s what I just discovered: you can change it.

Click through to see how.

Leave a Comment

T-SQL Tuesday 197 Round-Up

Published 2026-04-20 by Kevin Feasel

Steve Hughes learns something new:

Thanks to everyone who joined the blog party this month. I noticed three themes in the responses. Every response had one or more of these themes woven into their response.

I learned something.

I discovered ways to improve my presentations.

I get more value in the hallway conversations.

Click through for this month’s participants and what they’ve learned.

Leave a Comment

Choosing Names in Microsoft Fabric

Published 2026-04-20 by Kevin Feasel

Nikola Ilic asks, what’s in a name?

My dear Microsoft Fabric friends – if you’ve ever opened a workspace and seen “Lakehouse”, “Lakehouse 1”, “lh_test_v2”, and “NewLakehouse_DELETE_ME” all sitting next to each other, this post is for you

Three weeks into a fresh Fabric tenant, things look great. Twelve weeks in, you’re staring at 47 workspaces, three of them called something like “Test – DO NOT USE”, and nobody on the team can remember which Lakehouse holds the actual production sales data.

I don’t know how Nikola has figured out my naming strategy so well. Click through for a systematic attempt to standardize naming for Fabric objects.

Leave a Comment

Refresh Warnings now Available in Power BI History

Published 2026-04-20 by Kevin Feasel

Chris Webb tells us don’t panic:

Since March 2026, Power BI semantic models have started showing warnings in their Refresh History in the Service. This has scared a few people but in fact all that is happening is that errors which were there all along and which don’t prevent refreshes from completing are now being flagged. Documentation on this feature can be found here but let’s see an example of the type of errors that can cause these warnings.

Click through for that example.

Leave a Comment

Planned Failover of Availability Groups on Kubernetes

Published 2026-04-20 by Kevin Feasel

Anthony Nocentino runs a test:

When building the sql-on-k8s-operator, I wanted to make sure it could handle both planned and unplanned failovers. The easy case is a planned failover, where you deliberately move the primary role to another replica. The harder case is an unplanned failover, where the primary pod just disappears. The operator needs to handle both.

I recently ran a full planned failover rotation on a three-replica SQL Server Availability Group managed by sql-on-k8s-operator, and I want to show you exactly what happens inside SQL Server and the operator during each hop. If you’ve been following my Introducing the SQL Server on Kubernetes Operator post, this is the logical next step: what does the error log actually look like during a planned failover, what does the operator do in response, and how long does the whole thing take?

I ran the same three-hop rotation twice: once with an idle 5GB database to establish a baseline, and once under a sustained TPC-C workload with HammerDB. In this post, I’ll walk through the SQL Server error log entries, the operator’s reconcile behavior, and the timing data for both runs. In the next blog post, I’ll show what happens during an unplanned failover. Let’s go.

Click through to see how it all works.

Leave a Comment

Validating DAX against a Lakehouse via Semantic Link

Published 2026-04-17 by Kevin Feasel

Jens Vestergaard performs some checks:

A semantic model is a promise. It promises that the numbers in your reports match the data in your lakehouse. But after enough model changes, renamed columns, new relationships, and tweaked measures, that promise gets harder to verify. I wanted a way to check it programmatically.

This is my second submission to the Fabric Semantic Link Developer Experience Challenge. The first was a DAX unit test harness that compares measures against hardcoded expected values. That works well for known business rules, but it has a limitation: someone has to decide and maintain what the “right” answer is. For a model with hundreds of measures across dozens of filter contexts, that does not scale.

Click through to see what Jens did instead.

Leave a Comment

An Azure Bill Breakdown

Published 2026-04-17 by Kevin Feasel

Elaine Cahill takes us through an Azure monthly bill:

I received an Azure bill for the period Feb. 6^th 2026 – March 5^th 2026 that was $2.38 usage charges, with no tax added. Although a small amount, I decided it would be a good introductory example for anyone that has to understand and pay for Azure. My account is Pay-As-You-Go and I use it for learning, experiments and proof of concepts.

Click through for that primer. I think, on the whole, the way Azure shows billing is okay. The tricky part is when you want to reduce the bill. They’ll show you, for example, that you have D3 v2 or DS3 v2 virtual machines running in East US 2, but then you have to dig in and figure out which of your virtual machines are running that SKU. And there are some services that spin up VMs in the background, so you might see billing for that even if you didn’t directly create a VM of that SKU.

But with a bit of digging, you can at least gain an understanding of what’s costing money in Azure.

Leave a Comment

Cracking SQL Server 2025 SQL Auth Passwords with hashcat

Published 2026-04-17 by Kevin Feasel

Vlad Drumea has a great post:

Last year I wrote about SQL Server 2025’s new PBKDF2 hashing algorithm: what that means from a security perspective, as well as how it impacts online cracking.
And even how to enable it in SQL Server 2022.

Vlad created a module that cracks SQL Server 2025 passwords offline (versus actually connecting to the SQL Server instance itself and extrapolates it to online cracking (connecting to the SQL Server instance and trying different passwords). Vlad has some really good news on the whole and this post serves to explain why Microsoft introduced PBKDF2 as part of the hashing algorithm for SQL Server 2025.

Leave a Comment

Pre-Filtering Power BI Reports with URL Filters

Published 2026-04-17 by Kevin Feasel

Ben Richardson takes you to the right place:

Most Power BI users share reports one of two ways: they send the full report URL and ask people to filter it themselves, or they build separate reports for each team and spend the next year maintaining them.

Neither approach is ideal. Which is why URL filters are a great third option!

By appending a short query string to a report URL, you can control exactly what a reader sees the moment they open the link.

All without touching the underlying report, without duplicating it, and without relying on your readers to set up their own filters correctly.

This guide covers how URL filters work, how to write the syntax correctly, and where they will save you time.

Ben does cover the limitations around URL filters as well. This sounds like its best-case scenario is when there is another application that can serve Power BI URLs.

Leave a Comment

M	T	W	T	F	S	S
		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30

Curated SQL Posts