2025-06-18 – Curated SQL

EchoLeak: Zero-Click Copilot Vulnerability

Published 2025-06-18 by Kevin Feasel

The Microsoft Copilot vulnerability, dubbed EchoLeak, was listed as CVE-2025-32711 in the NIST’s National Vulnerability Database, which gave the flaw a severity score of 9.3. According to Aim Labs, which discovered EchoLeak and shared its research with the world last week, the “zero-click” flaw could “allow attackers to automatically exfiltrate sensitive and proprietary information from M365 Copilot context, without the user’s awareness, or relying on any specific victim behavior.” Microsoft patched the flaw the following day.

The blog post linked above is pretty interesting. Microsoft has patched the vulnerability, so this particular attack vector shouldn’t be an issue. But it will certainly open up the doors for more fun ways of exploiting generative AI-based services.

Leave a Comment

Restoring a Database via dbatools

Published 2025-06-18 by Kevin Feasel

David Seis digs into the Restore-DbaDatabase cmdlet:

In this blog post, we will audit the dbatools command Restore-DbaDatabase. I will test, review, and evaluate the script based on a series of identical steps. Our goal is to provide insights, warnings, and recommendations to help you use this script effectively and safely. Restore-DbaDatabase is powerful tool to automate the restore of any database, and it works well in automated solutions such as daily refreshes or weekly refreshes of production to a lower environment.

David’s blog post takes a look at the cmdlet’s functionality, but also thinking about it from a security perspective.

Leave a Comment

Surge Protection for Background Activities in Fabric Now GA

Published 2025-06-18 by Kevin Feasel

Lukasz Pawlowski makes an announcement:

We’re excited to announce Surge Protection for background operations is now Generally Available (GA). Using surge protection, capacity admins can limit overuse by background operations in their capacities.

Read on to learn more about what surge protection is and some of the consequences of turning this on if you do hit your limits.

Leave a Comment

Securely Sharing Power BI Reports with External Users

Published 2025-06-18 by Kevin Feasel

Soheil Bakhshi continues a series:

Now, in the third and final part of this blog series, we focus on two important areas that are often overlooked:

What happens when Microsoft Purview sensitivity labels are applied to a report

How to refine admin portal settings to better control guest users’ access to Fabric

Click through for the conclusion of this series.

Leave a Comment

Maintaining Statistics Information Post-Update in PostgreSQL 18

Published 2025-06-18 by Kevin Feasel

Laurenz Albe takes a peek at an upcoming feature:

Everybody wants good performance. When it comes to the execution of SQL statements, accurate optimizer statistics are key. With the upcoming v18 release, PostgreSQL will preserve the optimizer statistics during an upgrade with dump/restore or pg_upgrade (see commit 1fd1bd8710 and following). With the beta testing season for PostgreSQL v18 opened, it is time to get acquainted with the new feature.

It’s kind of wild to me that this wasn’t in place years ago for PostgreSQL.

Leave a Comment

T-SQL Tuesday 187 Round-Up

Published 2025-06-18 by Kevin Feasel

Joe Fleming summarizes the latest T-SQL Tuesday:

I was excited to host my first T-SQL Tuesday to find out how you solve problems. It’s a big topic, and I imagine it’s difficult to fully put to paper how your brain works, but I am thankful for the folks who did. Here’s my T-SQL Tuesday Round Up on troubleshooting weird problems.

Click through for breakdowns of each of the participants’ posts.

Leave a Comment

M	T	W	T	F	S	S
						1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28	29
30

Day: June 18, 2025

EchoLeak: Zero-Click Copilot Vulnerability

Restoring a Database via dbatools

Surge Protection for Background Activities in Fabric Now GA

Securely Sharing Power BI Reports with External Users

Maintaining Statistics Information Post-Update in PostgreSQL 18

T-SQL Tuesday 187 Round-Up