The latest Microsoft updates for Windows Server seem to have broken more things than they have fixed, and the only way to resolve the newly introduced issues is to completely uninstall the fixes.
Earlier this month, software giant Redmond released four updates for different versions of Windows Server: KB5014746, KB5014692, KB5014699 and KB5014678.
Administrators who installed these updates soon began reporting a “wide range” of issues, BleepingComputer found, including VPN issues (opens in a new tab) and RDP endpoint connectivity with routing and remote access (opens in a new tab) The service (RRAS) is activated. One of the problems was quite serious, the publication said, as it caused the servers to freeze for a few minutes after a client connected to the RRAS server with SSTP.
Fix the problem
“What I saw after installing the June updates was that no TCP connections established by either the client or the server will ever be triggered. I could not do a basic RDP session on the server (even when a VPN is not needed because I am connecting from a management computer within the same trusted subnet), “an administrator told BleepingComputer.
He also said remote VPN / RRAS clients (opens in a new tab) could not connect to the server and this SSTP, as well as RDP, failed “completely”. Finally, we used the GCP console interface to log in to these servers to keep the RRAS (Routing and Remote Access Service) setup from starting, so that after a reboot we can remotely (opens in a new tab) and return the patches, “the administrator concluded.
Many other administrators have confirmed that the only way to get rid of the problem is to roll back the update.
Microsoft has not yet acknowledged the problem, so it is difficult to determine what is causing the problem. BleepingComputer speculates that Microsoft recently fixed a Windows Network Address Translation (NAT) denial vulnerability, tracked as CVE-2022-30152, that could have disrupted RRAS connectivity.
Until Microsoft fixes the problem, the only thing administrators can do is uninstall the cumulative patches, which is unlikely to be a solution, given that other fixes that were packaged in these KBs will also be re-introduced.