"Latest Updates: SQL Server 2019 CU21 and 2022 CU5 Released"

Microsoft released SQL Server 2019 CU21 and SQL Server 2022 CU5 in June 2023, delivering a combined total of over 30 bug fixes across both versions. If you're running either release in production, these cumulative updates address real stability issues including memory leaks, incorrect query results, and race conditions that can affect data integrity. SQL Server 2017 received no update in this cycle.

Keeping SQL Server patched isn't just good hygiene. Unpatched instances accumulate known defects that Microsoft has already solved, and in some cases those defects produce wrong query results or cause unexpected crashes. The fixes in CU21 and CU5 are exactly the kind of targeted, low-risk improvements that belong on every production server as part of a regular patching schedule.

What Is a Cumulative Update and Why Does It Matter?

A cumulative update (CU) is Microsoft's primary vehicle for delivering bug fixes between major service releases. Unlike general distribution releases (GDRs), which are reserved for security fixes only, cumulative updates bundle all previously released fixes plus new ones. Each CU is fully cumulative, meaning you don't need to apply earlier CUs first.

Microsoft's current servicing model recommends staying within one CU of the latest release for your SQL Server version. Falling more than two CUs behind means you're running with known defects that Microsoft has already fixed, and you're accumulating technical debt that makes future patching more complex.

What Does SQL Server 2019 CU21 Fix?

SQL Server 2019 CU21 addresses a broad range of issues, with particular focus on In-Memory OLTP stability, query correctness, and change tracking. Here are the key fixes worth understanding before you deploy.

In-Memory OLTP improvements

Multiple issues around In-Memory OLTP have been resolved in this update. If your environment uses memory-optimised tables for high-throughput workloads, CU21 improves overall stability and reduces the risk of unexpected failures under concurrent load.

Query correctness fixes

Several fixes address scenarios where SQL Server was returning incorrect results:

Queries filtering on ROW_NUMBER() with nullable columns could produce wrong output. This is now fixed.
Multiple occurrences of the same scalar subquery in a single query could trigger access violations or return errors. Resolved.
Cardinality estimation for AND predicates has been improved, which can positively affect query plan selection for complex filter conditions.
Parallel spool operations in plans for INSERT, UPDATE, or DELETE statements could produce inconsistent results. This is fixed.

Change tracking cleanup

Enhanced change tracking cleanup behaviour when using trace flags 8286 and 8287. If you rely on change tracking for data synchronisation or auditing, this fix reduces the risk of cleanup processes interfering with active workloads.

Known Issues in SQL Server 2019 CU21

Two known issues shipped with CU21 that you need to be aware of before applying this update.

SESSION_CONTEXT and parallel plans

If your application uses SESSION_CONTEXT(), the fix introduced in CU14 has a side effect: it can generate access violation dump files when parallel plans are involved. Microsoft has provided two workarounds using trace flags:

Trace flag 9432 disables the CU14 fix for SESSION_CONTEXT
Trace flag 11042 disables parallelism when SESSION_CONTEXT is in use

Neither workaround is ideal for high-concurrency environments, so test carefully before deploying to production. Microsoft has acknowledged this and is working on a permanent fix for a future CU.

Managed Instance Link with memory-optimised tables

If you're using Managed Instance Link alongside memory-optimised tables, FileStream, or databases with multiple log files, the database may stop syncing after applying CU21. This is a specific scenario that doesn't affect most on-premises SQL Server deployments, but if you're using hybrid configurations with Azure SQL Managed Instance, review the CU21 release notes before proceeding.

What Does SQL Server 2022 CU5 Fix?

SQL Server 2022 CU5 covers similar ground to its 2019 counterpart, with targeted fixes for In-Memory OLTP, columnstore indexes, and Query Store behaviour.

In-Memory OLTP stability

Like CU21 for SQL Server 2019, CU5 addresses multiple stability issues with memory-optimised tables. If you're running In-Memory OLTP workloads on SQL Server 2022, this update is particularly relevant.

Memory leak with columnstore indexes

Queries using an equality predicate (=) against a clustered columnstore index were causing a memory leak under certain conditions. Over time, this leak can cause memory pressure on the SQL Server instance, leading to degraded performance or out-of-memory conditions. This fix is significant for environments using columnstore indexes for analytical workloads or data warehousing.

Race condition with parameter-sensitive plan optimisation

SQL Server 2022 introduced parameter-sensitive plan (PSP) optimisation as a new Intelligent Query Processing feature. CU5 resolves a race condition that could occur when PSP optimisation was active alongside Query Store. Race conditions in query plan management can cause intermittent errors or unexpected plan changes, so this fix improves the reliability of one of SQL Server 2022's headline features.

Incorrect results with DESC index sort order

Indexes with a DESC sort order could return incorrect results in specific query patterns. Index-related correctness bugs are among the most critical to patch because they can silently corrupt query output without raising any errors. This fix alone is a strong reason to apply CU5 promptly.

For the complete list of fixes, refer to the official SQL Server 2022 CU5 release notes.

How Should You Approach Applying These Updates?

Cumulative updates should never be applied directly to production without a structured process. Here's a practical approach:

Review the release notes for both the target CU and any CUs you're skipping. Check the known issues section specifically.
Test in a non-production environment that mirrors your production workload as closely as possible. Run your critical queries and stored procedures to verify behaviour.
Back up all databases before applying the update, including system databases.
Schedule a maintenance window with enough time to apply the update and validate core application functionality before declaring success.
Monitor after patching for at least 24 to 48 hours, watching for new errors in the SQL Server error log, unexpected plan changes, or performance regressions.
Have a rollback plan. Cumulative updates can be uninstalled via Programs and Features in Windows, but test this process before you need it.

For environments running multiple SQL Server instances, stagger the rollout. Don't patch every instance simultaneously.

Which Versions Are Supported?

As a reminder, SQL Server 2017 received no update in this release cycle. SQL Server 2017 mainstream support ended in October 2022, meaning it now receives security updates only through the extended support period, which runs until October 2027. If you're still on SQL Server 2017, now is a good time to plan your upgrade path to SQL Server 2022.

SQL Server 2019 mainstream support runs until January 2025, with extended support available until January 2030. SQL Server 2022 is the current release, with mainstream support through January 2028.

Key Takeaways

SQL Server 2019 CU21 and SQL Server 2022 CU5 together address over 30 known defects, including critical query correctness bugs and a memory leak affecting columnstore index workloads.
The SESSION_CONTEXT known issue in CU21 requires trace flag workarounds and needs careful testing if your applications use session context values.
The DESC index sort order fix in CU5 is a correctness bug that can silently return wrong results, making this update a priority for SQL Server 2022 environments.
Always test cumulative updates in a non-production environment before deploying to production, and maintain a rollback plan.
SQL Server 2017 is now in extended support only. If you're running 2017, start planning your upgrade to SQL Server 2022.

Keeping up with cumulative updates is one part of maintaining a healthy SQL Server environment, but it's rarely the whole picture. At DBA Services, our SQL Server health checks identify patching gaps, configuration issues, and performance risks across your entire SQL Server estate. If you'd prefer ongoing coverage rather than reactive patching, our managed DBA support service handles cumulative update assessment, testing, and deployment as part of a structured maintenance programme. Get in touch to find out how we can help.

Need help with your SQL Servers?

Find out what's really going on inside your SQL Server environment.
Our health checks uncover critical misconfigurations in 97% of reviews.

Get an Obligation-Free Quote Call 1800 SQL DBACall 1800 775 322

“Latest Updates: SQL Server 2019 CU21 and 2022 CU5 Released”

What Is a Cumulative Update and Why Does It Matter?

What Does SQL Server 2019 CU21 Fix?

Known Issues in SQL Server 2019 CU21

What Does SQL Server 2022 CU5 Fix?

How Should You Approach Applying These Updates?

Which Versions Are Supported?

Key Takeaways

Need help with your SQL Servers?

More from the blog

Boost SQL Server Performance with AI-Assisted Query Optimisation Tools

Proactive Security for SQL Server: Mitigating CVEs and Protecting Your Data

Leverage SQL Server 2022's New Functions for Enhanced Data Analysis and Performance

SQL Server insights, monthly.