Breaking changes to Database Engine features in SQL Server 2017 (14.x)

Applies to: SQL Server 2017 (14.x) and later

This article describes breaking changes in the SQL Server 2017 (14.x) Database Engine. These changes might break applications, scripts, or functionalities that are based on earlier versions of SQL Server. You might encounter these issues when you upgrade.

Breaking changes in SQL Server 2017 Database Engine

• CLR uses Code Access Security (CAS) in the .NET Framework, which is no longer supported as a security boundary. Beginning with SQL Server 2017 (14.x) Database Engine, an sp_configure option called clr strict security is introduced to enhance the security of CLR assemblies. clr strict security is enabled by default, and treats SAFE and EXTERNAL_ACCESS CLR assemblies as if they were marked UNSAFE. The clr strict security option can be disabled for backward compatibility, but this isn't recommended. When clr strict security is disabled, a CLR assembly created with PERMISSION_SET = SAFE may be able to access external system resources, call unmanaged code, and acquire sysadmin privileges. After enabling strict security, any assemblies that aren't signed will fail to load. Also, if a database has SAFE or EXTERNAL_ACCESS assemblies, RESTORE or ATTACH DATABASE statements can complete, but the assemblies may fail to load.

  To load the assemblies, you must either alter or drop and recreate each assembly so that it's signed with a certificate or asymmetric key that has a corresponding login with the UNSAFE ASSEMBLY permission on the server. For more information, see CLR strict security.

• The MD2, MD4, MD5, SHA, and SHA1 algorithms are deprecated in SQL Server 2016 (13.x). Up to SQL Server 2016 (13.x), a self-signed certificate is created using SHA1. Starting with SQL Server 2017 (14.x), a self-signed certificate is created using SHA2_256.

Previous versions

• Breaking Changes to Database Engine Features in SQL Server 2016

• Breaking Changes to Database Engine Features in SQL Server 2014

Archived documentation for old versions of SQL Server

We accumulate and retain documentation for very old versions of Microsoft SQL Server, in sets of archived webpages. The archived webpages are not processed by search engines, such as bing.com and google.com. Yet you can see these archives at our Docs previous-versions/sql/ address:

• SQL Server previous versions documentation

These archives include the documentation for at least the following older versions:

• SQL Server 2014 (12.x)
• SQL Server 2012 (11.x)
• SQL Server 2008 R2 (10.50.x)
• SQL Server 2008 (10.0.x)
• SQL Server 2005 (9.x)

SQL Server 2014 documentation is still available on our main Docs address.

SQL Server 2022 documentation is available on our main Docs address. Then, you can use the versioning dropdown near the top of the page, to select another version of interest.

For more information about the documentation for previous versions of SQL Server, see Previous versions of SQL Server documentation.

See also

• Deprecated Database Engine Features in SQL Server 2016
• Discontinued Database Engine Functionality in SQL Server 2016
• SQL Server Database Engine Backward Compatibility
• ALTER DATABASE Compatibility Level (Transact-SQL)