Microsoft: Patchday side effects – VPN and NTLM problems
The Windows security updates from April are causing problems. Windows 11 has problems with the VPN, servers struggle with NTLM.
The Microsoft patchday in April brought many security patches for various software from Redmond, but some of them are now causing problems. Microsoft has now confirmed the patchday side effects for VPN connections and NTLM traffic.
In the Windows Release Health notes for Windows 11, Microsoft writes that the security updates from April – and apparently also the update preview for April – can cause VPN connections to fail after installation. This affects Windows 11 and Windows 10 as well as Windows Server 2022 down to Windows Server 2008. Microsoft's developers are not yet able to provide more detailed information, but they say they are working on a solution.
Patchday side effects: Desktops and servers affected
On Windows servers running as domain controllers, admins can observe a "significant increase in NTLM authentication traffic" according to Microsoft's description. The issue is more likely to impact organizations that only use a small percentage of primary domain controllers in their environment and already have high NTLM traffic. Here too, the developers are working on a solution for the affected Windows Server 2022 to 2008. Microsoft is not providing corrected security updates or at least temporary countermeasures for either patch side effect.
The latter sounds a bit like the problems caused by the March security patches on some Windows servers with Active Directory. They had caused the machines to stop and restart. There, a memory leak in the Local Security Authority Subsystem Service (LSASS) was responsible for the concerns. At the end of March, the company released corrected security updates.
The March security updates also caused issues on Exchange servers. Microsoft rectified these with hotfixes last week.
(dmk)