Microsoft was forced to pull patches for several versions of Windows Server after they broke several key features.
The January Windows Server Cumulative Update, which addressed several critical bugs, security vulnerabilities, and various flaws, had to be recalled because they introduced bugs that forced domain controllers to reboot endlessly, allowing Hyper-V to rendering the REFS volume inaccessible, showing it as a RAW file. system
The updates in question are KB5009624 (Windows Server 2012 R2), KB5009557 (Windows Server 2019), and KB5009555 (Windows Server 2022). Updates are still available from the Microsoft Catalog, although installing is not recommended at this point.
Microsoft has had a lot of trouble with the patch this month. Earlier this week, it was reported that the company’s monthly Patch Tuesday updates for Windows 10 and Windows 11 broke the software’s built-in VPN tool, preventing it from establishing a connection.
The problem has been widely shared on Reddit among Windows administrators, who claim that the problem affects some third-party VPNs, with SonicWall, Cisco Meraki, and WatchGuard firewalls all seeing issues.
KB5009543 for Windows 10 and KB5009566 for Windows 11 are the two problematic updates. At the moment, the only way to fix the problem is to remove the patch via Command Prompt with the following command:
Windows 10: wusa /uninstalled/kb:5009543
Windows 11: WUSA /Uninstalled/KB:5009566
The bug with the patch posed a major dilemma for Windows admins, as it fixed a major, worrying flaw on Windows 11. Found in the HTTP protocol stack, the flaw allows a malicious actor to execute arbitrary code, remotely, without much user interaction. ,
There is no malware out there yet exploiting this flaw, but being extremely dangerous, it only takes a while for one to be discovered. To protect vulnerable devices, disabling the HTTP Trailer support feature will suffice.
- You might also want to check out our list of the best antivirus software today
Via: Bleeping Computer