FIX: Sensitive data may be exposed when you enable DDM function in SQL Server 2016 and 2017

Applies to: SQL Server 2017 Developer, SQL Server 2017 Enterprise, SQL Server 2017 Enterprise Core


Assume that you are using Dynamic Data Masking (DDM) on a column to protect your sensitive data in a table in Microsoft SQL Server 2016 and 2017. You may notice that the sensitive data is exposed when you execute a query that contains the following statements:

  • KEYSET READ_ONLY cursors.
  • PIVOT queries with masking that are defined on the aggregated pivot column.
  • User-defined functions (UDFs) that return a subquery.



To work around this issue, avoid the problematic Transact-SQL (T-SQL) statements and rewrite the code to use different T-SQL statements.
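To decide which code needs rewriting, the following audit query lists stored modules that reference a table with masked columns and contain one of the constructs listed above. It is an added example, not part of the original article or a Microsoft-supplied script; the text matching on the module definition is a heuristic and each hit needs manual review.

```sql
-- Added audit example (not from the KB article): find stored T-SQL modules that
-- reference a table with masked columns and match one of the three symptom
-- patterns. LIKE matching is a heuristic, not a T-SQL parser.
WITH masked_tables AS (
    -- Tables that have at least one column protected by Dynamic Data Masking.
    SELECT DISTINCT mc.object_id
    FROM sys.masked_columns AS mc
    WHERE mc.is_masked = 1
),
candidates AS (
    -- Procedures, views, functions and triggers that depend on those tables.
    SELECT DISTINCT d.referencing_id, d.referenced_id
    FROM sys.sql_expression_dependencies AS d
    JOIN masked_tables AS mt
        ON mt.object_id = d.referenced_id
)
SELECT
    OBJECT_SCHEMA_NAME(c.referencing_id) AS module_schema,
    OBJECT_NAME(c.referencing_id)        AS module_name,
    o.type_desc                          AS module_type,
    OBJECT_SCHEMA_NAME(c.referenced_id)  AS masked_table_schema,
    OBJECT_NAME(c.referenced_id)         AS masked_table,
    -- KEYSET cursor declared somewhere in the module body.
    CASE WHEN u.def_upper LIKE '%KEYSET%' THEN 1 ELSE 0 END      AS mentions_keyset,
    -- PIVOT, excluding UNPIVOT via the [^N] character class.
    CASE WHEN u.def_upper LIKE '%[^N]PIVOT%' THEN 1 ELSE 0 END   AS mentions_pivot,
    -- Scalar (FN), inline table-valued (IF) or multi-statement (TF) function.
    CASE WHEN o.type IN ('FN', 'IF', 'TF') THEN 1 ELSE 0 END     AS is_udf
FROM candidates AS c
JOIN sys.objects AS o
    ON o.object_id = c.referencing_id
JOIN sys.sql_modules AS m
    ON m.object_id = c.referencing_id
-- Upper-case once so the match also works in case-sensitive databases.
-- definition is NULL for encrypted modules; those only surface through is_udf.
CROSS APPLY (SELECT UPPER(m.definition) AS def_upper) AS u
WHERE u.def_upper LIKE '%KEYSET%'
   OR u.def_upper LIKE '%[^N]PIVOT%'
   OR o.type IN ('FN', 'IF', 'TF')
ORDER BY module_schema, module_name, masked_table;
```

Ad hoc queries sent by applications and dynamic SQL built inside modules do not appear in these catalog views, so application code that queries the masked tables needs a separate review.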


Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

