[Updated] – The disaster after last Patch Tuesday

It seems January hasn't started off in the best way for the Microsoft patching world. Yesterday the usual updates were released, and this time there seems to have been an operational massacre. The problems cut across different operating systems and undermine their operational stability.

Windows 10 KB5009543 – Once installed, L2TP VPNs stop working with the following error: “The L2TP connection attempt failed because the security layer encountered a processing error during initial negotiations with the remote computer”

Windows 10 KB5008212 – Once installed, search within Outlook no longer returns the expected results. A document explains a workaround for this: Outlook Search not showing recent emails after Windows update KB5008212 (microsoft.com).

Windows Server 2012 R2 KB5009624 – Once installed on domain controllers, a reboot loop begins that prevents access to the machines and therefore the provision of services, and an error is generated on the LSASS.EXE service (0xc0000005 access violation).

Windows Server 2012 R2 KB5009624 – The same patch, installed on Hyper-V hosts, causes the service to fail, which prevents virtual machines from running.

Windows Server 2012 R2 KB5009595, Windows Server 2019 KB5009557, Windows Server 2022 KB5009555 – Once installed on domain controllers, DNS problems may occur.

Windows Server 2012 KB5009586, Windows Server 2012 R2 KB5009624, Windows Server 2016 KB5009546, Windows Server 2019 KB5009557, Windows Server 2022 KB5009555 – Once installed on domain controllers, an unexpected reboot loop can occur. Note: On Windows Server 2016 and later, you are more likely to be affected when DCs are using Shadow Principals in Enhanced Security Admin Environment (ESAE) or environments with Privileged Identity Management (PIM).

Windows Server 2012 R2 KB5009595, Windows Server 2019 KB5009557, Windows Server 2022 KB5009555 – The same patches can put ReFS-formatted disks into a RAW state.

Windows Server 2012 R2 KB5009595, Windows Server 2019 KB5009557, KB5009624, Windows Server 2016 KB5009546, Windows Server 2022 KB5009555 – Once installed, IP Security (IPSEC) connections that contain a Vendor ID might fail. VPN connections using Layer 2 Tunneling Protocol (L2TP) or IP security Internet Key Exchange (IPSEC IKE) might also be affected. Workaround: To mitigate the issue for some VPNs, you can disable Vendor ID within the server-side settings. Note: Not all VPN servers have the option to disable Vendor ID from being used.

Microsoft is working to understand the root cause of each issue, and the patches will probably be republished soon. The advice is to wait a couple of weeks before proceeding with patching, even though these updates are considered essential to resolve security vulnerabilities. If you have already installed the patches and you have issues, uninstall them.
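
An inventory check for the advice above, as an added example that is not part of the original post: it looks for the updates listed here with Get-HotFix and returns the matching issue together with the wusa.exe removal command. The function name Find-ProblemUpdate and the short issue summaries are this example's own; the KB numbers are the ones listed above.

```powershell
# Added example. KB numbers and issue summaries are taken from the list in this post.
$KnownIssues = @{
    'KB5009543' = 'Windows 10: L2TP VPN connections fail'
    'KB5008212' = 'Windows 10: Outlook search does not return the expected results'
    'KB5009586' = 'Server 2012: DC reboot loop'
    'KB5009624' = 'Server 2012 R2: DC reboot loop (LSASS 0xc0000005), Hyper-V VMs do not run, IPSEC/L2TP failures'
    'KB5009595' = 'Server 2012 R2: DNS problems on DCs, ReFS disks in RAW state, IPSEC/L2TP failures'
    'KB5009546' = 'Server 2016: DC reboot loop, IPSEC/L2TP failures'
    'KB5009557' = 'Server 2019: DNS problems on DCs, DC reboot loop, ReFS disks in RAW state, IPSEC/L2TP failures'
    'KB5009555' = 'Server 2022: DNS problems on DCs, DC reboot loop, ReFS disks in RAW state, IPSEC/L2TP failures'
}

# Hypothetical helper (the name is this example's own): reports which listed updates are installed.
function Find-ProblemUpdate {
    param([string[]]$ComputerName = $env:COMPUTERNAME)

    foreach ($computer in $ComputerName) {
        try {
            # Query everything and filter locally: Get-HotFix -Id raises an error
            # when none of the requested KBs is present, which is the healthy case here.
            $installed = Get-HotFix -ComputerName $computer -ErrorAction Stop
        } catch {
            Write-Warning "${computer}: could not query installed updates ($($_.Exception.Message))"
            continue
        }

        $hits = $installed | Where-Object { $KnownIssues.ContainsKey($_.HotFixID) }
        if (-not $hits) {
            Write-Verbose "${computer}: none of the listed updates are installed"
            continue
        }

        foreach ($hotfix in $hits) {
            [pscustomobject]@{
                Computer    = $computer
                HotFixID    = $hotfix.HotFixID
                InstalledOn = $hotfix.InstalledOn
                KnownIssue  = $KnownIssues[$hotfix.HotFixID]
                # wusa.exe takes the KB number without the "KB" prefix
                Uninstall   = 'wusa.exe /uninstall /kb:{0}' -f $hotfix.HotFixID.Substring(2)
            }
        }
    }
}

# Check the local machine; pass -ComputerName with your own host names to check others.
Find-ProblemUpdate | Format-List
```

An empty result means none of the listed KBs were reported by Get-HotFix on that machine.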

#DBS