The SQL Server Unicode problem: why your data might not be what you think it is? (2026)
This article is about how the Unicode implementation of Microsoft SQL Server has impact on security. This article covers default encodings, collation algorithms, restricted character sets, implicit conversions, string functions and operators, as well as the collisions they can introduce. It also examines the security implications of the "Best Fit" algorithm and why seemingly equivalent characters may not be treated as such. One thing is certain: your data is probably not what you think it is!