Microsoft Patches The Patch That Broke VPN

Microsoft has patched the patch that broke chunks of Windows and emitted fixes for a Patch Tuesday cock-up that left servers rebooting and VPNs disconnected.

There was a time when out-of-band updates from Microsoft were considered a rarity. Not so much these days. On the receiving end of the company’s attention were Windows desktop and Windows Server installs left a little broken following Microsoft’s latest demonstration of its legendary quality control.

KB5010793, KB5010792, KB5010790 and KB5010789 were slung out for Windows 10 and Windows Server. Even Windows 7 and Windows Server 2008 R2 got some love with KB5010798 and KB5010799, such was the blast radius of last week’s whoopsie.

To recap, last week’s patches caused all manner of problems for administrators. Hyper-V gave up the ghost and domain controllers experienced surprise restarts. The perhaps inappropriately named Windows Resilient File System (ReFS) also had problems following the update, which left volumes inaccessible for some users. Other users reported problems with VPN connections on Windows versions from the 2015 LTSB edition right up to Windows 11, something Microsoft acknowledged with an update to its Windows release health dashboard.

The VPN problem could be dealt with by disabling the Vendor ID (if available) within the server-side settings. Or admins could throw caution to the wind and uninstall the patches, even though some pretty important security fixes also lurked within.

As for the nature of the problems, a patch to fix the issue of VMs in Hyper-V failing to start noted that “Virtual machines (VMs) located on a server that has Unified Extensible Firmware Interface (UEFI)” had problems.

As for VPNs, the patches dealt with “a known issue that might cause IP Security (IPSEC) connections that contain a Vendor ID to fail. VPN connections using Layer 2 Tunneling Protocol (L2TP) or IP security Internet Key Exchange (IPSEC IKE) might also be affected.”

Microsoft has had a torrid time of it with the quality of its patches. 2021 featured updates that borked printers and triggered Blue Screens of Death. While some might have hoped that a new leaf would be turned over in 2022, the company’s approach to testing has thus far remained reassuringly consistent.