SQL Server 2017 Cumulative Update 22: What You Need to Know Before Installing
SQL Server 2017 Cumulative Update 22 (CU22) addresses several genuine production issues, including Query Store memory management, columnstore index concurrency hangs, and NVMe restore failures. Whether you should install it depends on your workload, but the decision is harder than it should be because Microsoft's documentation for this release is, frankly, inadequate.
That documentation gap is the real story here. When you're running enterprise software that costs upwards of $7,000 per core, you deserve a clear explanation of what each fix does, why the bug existed, and what conditions trigger it. CU22 doesn't always provide that. What it does provide is a collection of fixes that matter to real production environments, and this article breaks down what we know, what Microsoft hasn't explained, and how to think about applying this update.
What Does SQL Server 2017 CU22 Fix?
The full list is available on the Microsoft Support page for CU22. Below are the fixes worth paying attention to, grouped by area.
Query Store Memory Management
One of the headline changes in CU22 enables Query Data Store (QDS) instance-level memory limits by default on "box edition." The intent is to prevent Query Store from consuming excessive memory by automatically switching to READ ONLY mode once it hits a defined threshold.
This sounds reasonable in principle. In practice, the documentation raises more questions than it answers. Microsoft doesn't explain what "box edition" means in this context (presumably on-premises Standard or Enterprise edition, as opposed to Azure SQL Database), what the actual memory limits are, or under what conditions the transition to READ ONLY mode is triggered. If your Query Store suddenly goes read-only after applying CU22, this change is the likely culprit. Without knowing the thresholds, you can't plan for it or tune around it.
For environments that rely on Query Store for performance regression detection and plan forcing, an unexpected switch to READ ONLY mode is a serious operational issue. Monitor your Query Store status after applying this update using:
SELECT name, desired_state_desc, actual_state_desc, readonly_reason
FROM sys.databases
WHERE is_query_store_on = 1;If actual_state_desc shows READ_ONLY and desired_state_desc shows READ_WRITE, Query Store has been forced into read-only mode. You can check readonly_reason for a numeric code, though the mapping between codes and causes isn't always obvious from the documentation.
Managed Backup Failure with Non-Default SQL Agent Job Ownership
This is a straightforward but impactful bug. SQL Server Managed Backup to Azure stops working when the SQL Agent system jobs are owned by an account other than 'sa'. In environments where security hardening policies require service accounts or named logins to own Agent jobs rather than the 'sa' account, this bug effectively breaks automated cloud backup without any obvious error message pointing at the real cause.
If you've been troubleshooting mysterious Managed Backup failures and your Agent jobs are owned by a non-sa account, CU22 addresses this directly.
NVMe Device Restore Failures (4K Block Size)
Restoring a SQL Server database from a previous version to a drive on an NVMe device partitioned with 4K block size fails without this fix. NVMe adoption in high-performance SQL Server environments has accelerated significantly over the past few years. If your storage refresh has moved to NVMe and you're running SQL Server 2017, this fix may be blocking a restore path you haven't tested yet. Worth knowing before you need it in a recovery scenario.
Linked Server Query Incorrect Results
Queries running against a linked server that include aggregates or joins on a table with a filtered index on the remote server can return incorrect results in SQL Server 2017. Incorrect results are among the most dangerous class of bug because they don't fail loudly. The query completes, returns data, and nothing flags that the data is wrong. If your environment uses linked servers with filtered indexes on remote tables, this fix should be a priority.
Columnstore Index Concurrency Hangs
Concurrent inserts against tables with columnstore indexes can cause queries to hang. Columnstore indexes are common in data warehouse and reporting workloads where bulk insert patterns are standard. A concurrency hang in that context can bring reporting pipelines to a standstill. This fix addresses a real and reproducible production scenario.
COMPILE Blocking
Excessive COMPILE blocking occurs when many queries are compiling simultaneously and competing for internal locks. This manifests as RESOURCE_SEMAPHORE_QUERY_COMPILE waits and can be difficult to diagnose without knowing the underlying cause. CU22 includes a fix in this area.
Full-Text Search Auto Crawl Stops When Availability Group Goes Offline
If an Availability Group goes offline, Full-Text Search auto crawl stops and doesn't automatically resume when the AG comes back online. For environments using Full-Text Search in high availability configurations, this means a manual intervention is required after any AG failover or outage. The fix in CU22 addresses the auto-resume behaviour.
Always On Failover Cluster Instance Upgrade Script Failure
Upgrade scripts fail when an Always On Failover Cluster Instance (FCI) is configured as a secondary replica. This is a significant issue for environments with complex HA topologies combining FCIs and Availability Groups. If you're running this configuration and planning any SQL Server upgrades or patch applications, this fix removes a potential blocker.
SQL Server Fails to Start with Remote Admin Connections and IPv6 Disabled
SQL Server fails to start when remote admin connections (the Dedicated Admin Connection, or DAC) are enabled and IPv6 is disabled on the host. This is a relatively niche scenario but a critical one when it occurs. The DAC is often your last resort for connecting to a troubled SQL Server instance. A startup failure caused by this combination means you can't get in at all.
Access Violation Exception in Availability Groups
An access violation exception occurs under specific conditions in Availability Groups in SQL Server 2017. Microsoft hasn't fully documented the triggering conditions, which makes it difficult to assess exposure. Access violations in AG components typically result in SQL Server process termination, which means an unplanned failover. Any fix in this area deserves attention in HA environments.
Should You Install SQL Server 2017 CU22?
The answer depends on whether any of the above bugs affect your environment. Here's a practical approach:
- Review the fixes against your workload. If you use Managed Backup, linked servers with filtered indexes, columnstore indexes, or Always On configurations, several fixes in CU22 are directly relevant.
- Check your storage. If you've deployed NVMe drives with 4K sector formatting, the restore fix applies to you.
- Assess your Query Store dependency. If Query Store is central to your performance management process, understand that CU22 changes its default memory behaviour and plan to monitor it post-update.
- Test in a non-production environment first. This is standard practice for any cumulative update, but the incomplete documentation in CU22 makes it more important than usual.
- Apply during a maintenance window with a rollback plan. CU22 is not a security patch, so there's no emergency pressure to rush deployment.
Microsoft's general guidance is to apply the latest cumulative update for your SQL Server version. That guidance is sound, but it assumes you've done the pre-work to understand what's changing.
The Documentation Problem
The lack of detail in several CU22 KB articles is a legitimate concern, not just a complaint. When a cumulative update silently changes the default behaviour of a feature like Query Store without explaining the thresholds or conditions involved, DBAs are left to discover the effects in production. That's not acceptable for software at this price point.
Microsoft has improved SQL Server documentation considerably over the past decade, but cumulative update documentation remains inconsistent. Some fixes include detailed reproduction steps, root cause explanations, and clear descriptions of the change. Others are a single sentence. The QDS memory limit change in CU22 falls into the latter category, and it's one of the more consequential behavioural changes in this release.
Key Takeaways
- SQL Server 2017 CU22 contains several high-impact fixes covering Query Store, Managed Backup, NVMe restores, columnstore concurrency, linked server result accuracy, and Availability Group stability.
- The Query Store memory management change is the most significant behavioural change in this release. Monitor
sys.databasesfor unexpected READ ONLY transitions after applying the update. - The linked server filtered index bug returns incorrect results silently, making it one of the higher-priority fixes for affected environments.
- Microsoft's documentation for several CU22 fixes is insufficient. Test thoroughly before applying to production, and have a rollback plan ready.
- Apply CU22 in a maintenance window after validating against your specific workload, not as a routine patch without review.
If you're unsure how CU22 applies to your specific SQL Server environment, or you want a second opinion before patching production systems, DBA Services provides SQL Server health checks and patch assessment services for organisations across Australia. Getting an expert review before applying a cumulative update with underdocumented behavioural changes is exactly the kind of risk management that prevents unplanned outages.
Need help with your SQL Servers?
Find out what's really going on inside your SQL Server environment.
Our health checks uncover critical misconfigurations in 97% of reviews.