FIX: Passwords are masked in audit logs in SQL Server 2019

Applies to: SQL Server 2019 on LinuxSQL Server 2019 on Windows

Symptoms


When you audit commands that contain passwords such as CREATE LOGIN or CREATE CREDENTIAL, the password is not masked and will be shown as cleartext in the audit log.

Status


Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section. 

Resolution


This issue is fixed in the following cumulative update for SQL Server:
About cumulative updates for SQL Server:
Each new cumulative update for SQL Server contains all the hotfixes and all the security fixes that were included with the previous cumulative update. Check out the latest cumulative updates for SQL Server:

References


Learn about the terminology that Microsoft uses to describe software updates.