FIX: Masked data is exposed when a query that uses sp_cursorfetch is run in SQL Server if Dynamic Data Masking is enabled

Applies to: SQL Server 2016 DeveloperSQL Server 2016 EnterpriseSQL Server 2016 Enterprise Core More

Symptoms


Assume that you use Dynamic Data Masking (DDM) on a column to mask sensitive data in a table in Microsoft SQL Server 2017. You may notice that the masked data is exposed when you run a query that uses the sp_cursorfetch stored procedure.

Resolution


This problem is fixed in Cumulative Update 11 for SQL Server 2016 Service Pack 1.

Status


Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

References


Learn about the terminology Microsoft uses to describe software updates.