Microsoft is actively working to fix a bug within its Defender for Endpoint enterprise security platform. The issue causes the software to incorrectly tag SQL Server versions 2017 and 2019 as end-of-life, even though they are still supported for several years. This problem has been affecting customers using Microsoft Defender XDR since at least Wednesday morning. According to official support timelines, SQL Server 2019 is supported until January 2030, and SQL Server 2017 reaches its extended support end date in October 2027.
The root cause of the error has been identified as a code issue introduced by a recent change to how the platform handles end-of-support software. Microsoft has already started deploying a fix to revert this change. This quick response aims to correct the inaccurate vulnerability management tagging that users are seeing. The company stated that users with the affected SQL Server versions may observe this incorrect end-of-life status within their Threat and Vulnerability Management dashboards.
This incident has been labeled an “advisory,” which is a designation Microsoft uses for service issues with a limited scope or impact. While the company has not provided exact details on the extent of the problem, it has confirmed that all users with SQL Server 2017 and 2019 installed may be affected. The ongoing deployment of the fix is expected to reverse the issue, though a precise timeline for completion has not yet been announced.
This is not the first time Microsoft’s security products have experienced such issues. Just last week, the company resolved a similar bug where Defender for Endpoint incorrectly marked the BIOS firmware on some Dell devices as outdated. This prompted users to perform unnecessary updates. Additionally, Microsoft engineers recently fixed black-screen crashes on macOS devices, which were caused by a conflict within Apple’s security framework.
False positives have been a recurring theme. In early September, Microsoft had to mitigate an issue where an anti-spam service was mistakenly quarantining emails and blocking users from opening URLs in Exchange Online and Microsoft Teams. The current SQL Server bug is another example of these occasional, but impactful, software glitches that require rapid response and resolution to maintain user trust and system integrity.
Reference:
