This Windows Server update is causing a bunch of problems

News
By published

Microsoft broke key Windows Server features with its latest security update

An abstract image of padlocks overlaying a digital background.
(Image credit: Shutterstock)

Microsoft was forced to pull the patches for multiple versions of Windows Server, after they ended up breaking broke multiple key features.

The January Windows Server cumulative updates that addressed numerous critical bugs, security vulnerabilities and different flaws, have had to be recalled as they introduced bugs that forced domain controllers to reboot endlessly, broke Hyper-V, rendered ReFS volumes inaccessible while showing them as RAW file systems.

The updates in question are KB5009624 (Windows Server 2012 R2), KB5009557 (Windows Server 2019), and KB5009555 (Windows Server 2022). The updates are still available from the Microsoft Catalog, although installing at this point is not recommended. 

Troublesome Tuesday

Microsoft has had plenty of trouble with patches this month. Earlier this week, it was reported that the company's monthly Patch Tuesday update for Windows 10 and Windows 11 broke the software’s built-in VPN tool, preventing it from establishing a connection. 

The problem has been widely shared on Reddit, among Windows administrators, which claim the issue affects a couple of third-party VPNs, with SonicWall, Cisco Meraki, and WatchGuard Firewalls all seeing issues.

The two problematic updates are KB5009543 for Windows 10, and KB5009566 for Windows 11. At the moment, the only way to fix the problem is to remove the patches through the command prompt, with the following commands:

Windows 10: wusa /uninstall /kb:5009543 
Windows 11: wusa /uninstall /kb:5009566

The bug with the patch created a major dilemma for Windows admins, as it fixed a major, wormable flaw, on Windows 11. Found in the HTTP Protocol Stack, the flaw allows a malicious actor to execute arbitrary code, remotely, without much user interaction. 

There’s yet no malware abusing this flaw out there, but being extremely dangerous, it’s only a matter of time before one is discovered. To protect vulnerable devices, disabling the HTTP Trailer Support feature will suffice. 

Via: BleepingComputer

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
Angry businessman destroying his desk and laptop with a baseball bat
New patch for Windows 11 24H2 reportedly plays havoc with File Explorer, and some folks are claiming it's broken their PC
A laptop with the Windows 11 desktop on screen, glowing, while on a work desk
Are you unable to get security updates for Windows 11 24H2? Here’s the likely reason why, and the fix to get your PC safe and secure again
A Windows 11 laptop sitting on a desk in front of a window
Microsoft warns its January Windows updates may fail if this Citrix software is installed
A hacker wearing a hoodie sitting at a computer, his face hidden.
Microsoft patches three worrying security flaws in its latest critical update, so update now
Windows fail
It looks like Microsoft might have broken Windows 11 24H2 again as performance plummets with Intel's latest CPUs
A man getting angry with his laptop.
Windows 10 update installation failures aren’t rare – but an update that won’t stop installing itself is a new one on me
Latest in Software & Services
woman listening to computer
AWS vs Azure: choosing the right platform to maximize your company's investment
A person at a desktop computer working on spreadsheet tables.
Trello vs Jira: which project management solution is best for you?
Autonomous finance
Quickbooks vs Quicken: what are the main strengths and weaknesses for your business
finance
Quickbooks vs Xero: which is the best for your business?
Group of people meeting
Zoom vs Google Meet: which is the best video conferencing tool for your business?
Fingers typing on a computer keyboard.
Microsoft 365 Personal vs Microsoft 365 Family: are there any real differences?
Latest in News
An image of the Samsung Galaxy S25 Ultra from a hands-on event
Samsung's latest software upgrade could mean Galaxy phones beat iPhones for gaming – but you can't get it yet
person at a computer
Many workers are overconfident at spotting phishing attacks
Google Pixel 8a in aloe green showing
Google Pixel 9a benchmark link teases the performance of the upcoming mid-ranger
Quordle on a smartphone held in a hand
Quordle hints and answers for Monday, March 17 (game #1148)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Monday, March 17 (game #379)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Monday, March 17 (game #645)
More about software services
A person at a desktop computer working on spreadsheet tables.

Trello vs Jira: which project management solution is best for you?
finance

Quickbooks vs Xero: which is the best for your business?
An image of the Samsung Galaxy S25 Ultra from a hands-on event

Samsung's latest software upgrade could mean Galaxy phones beat iPhones for gaming – but you can't get it yet
See more latest
Most Popular
An image of the Samsung Galaxy S25 Ultra from a hands-on event
Samsung's latest software upgrade could mean Galaxy phones beat iPhones for gaming – but you can't get it yet
person at a computer
Many workers are overconfident at spotting phishing attacks
BraX3
This obscure brand wants to launch the most privacy-friendly smartphone ever without Google, but with a mysterious open-source OS at its core
HAMR
Seagate reportedly sold two billion GBs worth of storage to two of the world's largest tech companies
Google Pixel 8a in aloe green showing
Google Pixel 9a benchmark link teases the performance of the upcoming mid-ranger
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Monday, March 17 (game #645)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Monday, March 17 (game #379)
Quordle on a smartphone held in a hand
Quordle hints and answers for Monday, March 17 (game #1148)
Oracle
Bluehost owner is moving to Oracle Cloud, so could thousands of websites be about to migrate?
Money
Financial leaders still rely on regular tools like Excel for automation tasks over AI