Connect with us

Hi, what are you looking for?


New Windows Server updates cause DC boot loops, break Hyper-V

windows server

Windows Server

The latest Windows Server updates are causing severe issues for administrators, with domain controllers having spontaneous reboots, Hyper-V not starting, and inaccessible ReFS volumes until the updates are rolled back

Yesterday, Microsoft released the Windows Server 2012 R2 KB5009624 update, the Windows Server 2019 KB5009557 update, and the Windows Server 2022 KB5009555 update as part of the January 2022 Patch Tuesday.

After installing these updates, administrators have been battling multiple issues that are only resolved after removing the updates.

Windows domain controller boot loops

The most serious issue introduced by these updates is that Windows domain controllers enter a boot loop, with servers getting into an endless cycle of Windows starting and then rebooting after a few minutes.

As first reported by BornCity, this issue affects all supported Windows Server versions.

“Looks KB5009557 (2019) and KB5009555 (2022) are causing something to fail on domain controllers, which then keep rebooting every few minutes,” a user posted to Reddit.

A Windows Server administrator told BleepingComputer that they see the LSASS.exe process use all of the CPU on a server and then ultimately terminate.

Advertisement. Scroll to continue reading.

As LSASS is a critical process required for Windows to operate correctly, the operating system will automatically restart when the process is terminated.

The following error will be logged to the event viewer when restarting due to a crashed LSASS process, as another user on Reddit shared.

“The process wininit.exe has initiated the restart of computer [computer_name] on behalf of user for the following reason: No title for this reason could be found Reason Code: 0x50006 Shutdown Type: restart Comment: The system process ‘C:WINDOWSsystem32lsass.exe’ terminated unexpectedly with status code -1073741819. The system will now shut down and restart.”

Hyper-V no longer starts

In addition to the boot loops, BleepingComputer has been told by Windows administrators that after installing the patches, Hyper-V no longer starts on the server.

This bug primarily affects Windows Server 2012 R2 server, but other unverified reports say it affects newer versions of Windows Server.

As Hyper-V is not started, when attempting to launch a virtual machine, users will receive an error stating the following:

“Virtual machine xxx could not be started because the hypervisor is not running.”

Microsoft released security updates to fix four different Hyper-V vulnerabilities yesterday (CVE-2022-21901, CVE-2022-21900, CVE-2022-21905, and CVE-2022-21847), which are likely causing this issue.

ReFS file systems are no longer accessible

Finally, numerous admins are reporting that Windows Resilient File System (ReFS) volumes are no longer accessible or are seen as RAW (unformatted) after installing the updates.

The Resilient File System (ReFS) is a Microsoft proprietary file system that has been designed for high availability, data recovery, and high performance for very large storage volumes.

“Installed these updates tonight, in a two server Exchange 2016 CU22 DAG, running on Server 2012 R2. After a really long reboot, the server came back up with all the ReFS volumes as RAW,” explained a Microsoft Exchange administrator on Reddit.

Advertisement. Scroll to continue reading.

“NTFS volumes attached were fine. I realize this is not exclusively an exchange question but it is impacting my ability to bring services for Exchange back online.”

Uninstalling the Windows Server updates made the ReFS volumes accessible again.

Yesterday, Microsoft fixed seven remote code execution vulnerabilities in ReFS, with one or more likely behind the inaccessible ReFS volumes.

These vulnerabilities are tracked as CVE-2022-21961, CVE-2022-21959, CVE-2022-21958, CVE-2022-21960, CVE-2022-21963, CVE-2022-21892, CVE-2022-21962, CVE-2022-21928.

How to fix?

Unfortunately, the only way to fix these issues is to uninstall the corresponding cumulative update for your Windows version.

Admins can do this by using one of the following commands:

Windows Server 2012 R2: wusa /uninstall /kb:KB5009624 
Windows Server 2019: wusa /uninstall /kb:KB5009557 
Windows Server 2022: wusa /uninstall /kb:KB5009555

As Microsoft bundles all security fixes into the single update, removing the cumulative update may fix the bugs, but will also remove all fixes for recently patched vulnerabilities.

Therefore, uninstalling these updates should only be done if absolutely necessary.

Not to be outdone by Windows Server, Windows 10 and Windows 11’s updates are also breaking L2TP VPN connections.

Advertisement. Scroll to continue reading.

BleepingComputer has reached out to Microsoft for fixes on these issues but has not heard back at this time.

Source link

Click to comment

Leave a Reply


Top Stories

FTX founder Sam Bankman-Fried and Alameda Ventures made recent headlines for bailing out a handful of CeFi crypto platforms this week, but what exactly...

Top Stories

Although Bitcoin is struggling to form a bottom, altcoins are on a roll and the current price action could benefit UNI, XLM, THETA and...

Top Stories

Ethereum’s native token Ether (ETH) has declined by more than 35% against Bitcoin (BTC) since December 2021 with a potential to decline further in...

Top Stories

The company enables artists and collectors to create, purchase and resell NFTs via blockchain-enabled transactions. Source link


Interested in learning what’s next for the gaming industry? Join gaming executives to discuss emerging parts of the industry this October at GamesBeat Summit...

Top Stories

Bitcoin (BTC) made the most of weekend volatility on June 26 as a squeeze saw BTC/USD reach its highest in over a week. BTC/USD...


You May Also Like


Introductions get a lot of attention. I’ve explored the topic of how to write them even though as a reader, I always skip them....

Online Business Success

The internet is now our nervous system. We are constantly streaming and buying and watching and liking, our brains locked into the global information...

SEO Guide

There are all kinds of pictures of the world on the internet, but to find one of these specific pictures that you want to...

Online Business Success

You can think of link building in many ways. I like to call it tedious, painful, and a test of patience. It’s also necessary...