Microsoft released Patch Tuesday updates for multiple versions of Windows Server just a couple of days ago. While the updates were supposed to fix issues with Lightweight Directory Access Protocol (LDAP) and enhance security, they appear to have triggered several other major problems as well. According to multiple reports, the latest updates cause domain controller (DC) boot loop and also break Hyper-V.
As noted by BornCity and Bleeping Computer, Windows Server admins are reporting instances of Windows restarting after every few minutes after installing KB5009624, KB5009595, and KB5009557. All versions of Windows Server are reportedly affected with admins observing that the boot loop is caused after the LSASS.exe process utilizes all CPU resources and then terminates. Since the aforementioned process is critical to operations, this results in an OS restart. Reports claim that Windows Server reboots with error codes 0xc0000005 and 0xc0000006.
Another issue plaguing Windows Server installations is that Hyper-V no longer starts after installing the latest update. As such, virtual machines don't launch either. Although the majority of reports say that this affects only Windows Server 2012 R2, some have claimed that it affects newer versions too.
Yet another issue relates with the Windows Resilient File System (ReFS) volumes being no longer accessible or being shown as unformatted.
In almost all these cases, Windows admins have reported that uninstalling the latest and problematic Patch Tuesday updates have fixed the issues. That said, it is extremely important to note that Patch Tuesday updates contain cumulative fixes which means that uninstalling them will also result in your machines being left in a vulnerable state. As such, resort to this option only if all other workarounds fail. In the meantime, we have reached out to Microsoft for comments on the matter and will update if the company responds.
Source: BornCity, Bleeping Computer
32 Comments - Add comment