Microsoft’s latest updates for Windows Server seem to have broken more things than they’ve fixed, and the only way to resolve the newly introduced issues is to uninstall the patches completely.
Earlier this month, the Redmond software giant released four updates for different Windows Server versions: KB5014746, KB5014692, KB5014699, and KB5014678.
Admins that installed these updates, soon started reporting a “wide range” of issues, BleepingComputer found, including issues with VPN (opens in new tab) and RDP connectivity on endpoints with Routing and Remote Access (opens in new tab) Service (RRAS) enabled. One of the issues was quite severe, the publication further wrote, as it resulted in servers freezing for a couple of minutes, after a client connects to the RRAS server with SSTP.
Fixing the issue
“What I saw after the June updates were installed was that no TCP connections established from either the client-side or the server-side would ever get up and running. I couldn’t do a basic RDP session into the server either (even where a VPN isn’t needed because I’m connecting from a management PC within the same trusted subnet),” one admin told BleepingComputer.
He also said remote VPN/RRAS clients (opens in new tab) could not connect to the server, and that SSTP, as well as RDP, failed “entirely.” “We ended up using the GCP console interface to get into those servers, to get the RRAS (Routing and Remote Access service) setup not to start so that after a reboot we could remote (opens in new tab) in and revert the patches,” the admin concluded.
Numerous other admins confirmed that the only way to get rid of the problem is to roll the update back.
Microsoft has not yet acknowledged the issue, so it’s hard to determine what causes these problems. BleepingComputer speculates Microsoft recently fixed a “Windows Network Address Translation (NAT) Denial of Service Vulnerability”, tracked as CVE-2022-30152, which could have bricked RRAS connectivity.
Until Microsoft fixes the issue, the only thing admins can do is uninstall the cumulative patches which is hardly a solution given that other fixes that were bundled in these KBs will be reintroduced, as well.