Microsoft Released an Out-of-Band Update to Rollback January Patch's VPN Issues (bleepingcomputer.com) 18
"Microsoft's first Patch Tuesday for 2022 was a rocky start to the year, giving admins and users numerous headaches to deal with..." reports ZDNet. "The Windows Update on January 11 was intended to address 96 security flaws but also brought a load of pain for users and admins."
"One of the major issues that came up during the week for IT admins included finding that Windows Server 2012 became stuck in a boot loop," adds the Verge, "while other versions suffered broken Windows VPN clients, and some hard drives appeared as RAW format (and unusable). Many IT Admins were forced to roll back the updates — leaving many servers vulnerable with none of last week's security patches."
And now for some versions of Windows, this week Microsoft "released emergency out-of-band updates to address multiple issues..." reports BleepingComputer: "This update addresses issues related to VPN connectivity, Windows Server Domain Controllers restarting, Virtual Machines start failure," the company said.... According to admin reports, Windows domain controllers were being plagued by spontaneous reboots, Hyper-V was no longer starting on Windows servers, and Windows Resilient File System (ReFS) volumes were no longer accessible after deploying the January 2022 updates. Windows 10 users and administrators also reported problems with L2TP VPN connections after installing the recent Windows 10 and Windows 11 cumulative updates and seeing "Can't connect to VPN." errors....
[S]ince Microsoft also bundles all the security updates with these Windows cumulative updates, removing them will also remove all fixes for vulnerabilities patched during the January 2022 Patch Tuesday.
While all the updates are available for download on the Microsoft Update Catalog, some of them can also be installed directly through Windows Update, notes Bleeping Computer. But "You will have to manually check for updates if you want to install the emergency fixes through Windows Update because they are optional updates and will not install automatically."
ZDNet adds: As Ask Woody's influential IT admin blogger Susan Bradley recently argued in 2020, Microsoft's decision to roll up patches in a big bundle on the second Tuesday of every month requires admins to place a great deal of trust in the company. That trust is eroded if applying the updates results in a lag on productivity from buggy patches.
Thanks to long-time Slashdot reader waspleg for sharing the story.
"One of the major issues that came up during the week for IT admins included finding that Windows Server 2012 became stuck in a boot loop," adds the Verge, "while other versions suffered broken Windows VPN clients, and some hard drives appeared as RAW format (and unusable). Many IT Admins were forced to roll back the updates — leaving many servers vulnerable with none of last week's security patches."
And now for some versions of Windows, this week Microsoft "released emergency out-of-band updates to address multiple issues..." reports BleepingComputer: "This update addresses issues related to VPN connectivity, Windows Server Domain Controllers restarting, Virtual Machines start failure," the company said.... According to admin reports, Windows domain controllers were being plagued by spontaneous reboots, Hyper-V was no longer starting on Windows servers, and Windows Resilient File System (ReFS) volumes were no longer accessible after deploying the January 2022 updates. Windows 10 users and administrators also reported problems with L2TP VPN connections after installing the recent Windows 10 and Windows 11 cumulative updates and seeing "Can't connect to VPN." errors....
[S]ince Microsoft also bundles all the security updates with these Windows cumulative updates, removing them will also remove all fixes for vulnerabilities patched during the January 2022 Patch Tuesday.
While all the updates are available for download on the Microsoft Update Catalog, some of them can also be installed directly through Windows Update, notes Bleeping Computer. But "You will have to manually check for updates if you want to install the emergency fixes through Windows Update because they are optional updates and will not install automatically."
ZDNet adds: As Ask Woody's influential IT admin blogger Susan Bradley recently argued in 2020, Microsoft's decision to roll up patches in a big bundle on the second Tuesday of every month requires admins to place a great deal of trust in the company. That trust is eroded if applying the updates results in a lag on productivity from buggy patches.
Thanks to long-time Slashdot reader waspleg for sharing the story.
MS is still crap (Score:2)
Forget the weekly list of MS crap. What about the bugs that have been there a decade or more? I had cause last week to replace the drive in my laptop. I'm not that familiar with MS backup technology, so I did both an "Image" backup, and a "File history" backup. The image restore simply wouldn't work. It just gave some obscure message on trying to restore that meant nothing to me. And the File History backup wouldn't show me my backup when I went to restore, for who knows what reason. Eventually I found that
Re: (Score:3)
With all due respect, it sounds like you tried to do too many operations in one step. Were it me, I would have cloned the original drive to the new one using one of the various freewares out there, and then installed the new one and booted up from it. Good likelihood of success, and you always have the old drive to fall back on. Then update/upgrade software on the new one as desired.
Re: (Score:2)
It's not just MS too. Apple, Google, Netgear, Oracle, etc. Everyone is crap. :(
Re: (Score:3)
With Win95, 98, 2000, and XP, the Windows backup utility was fabulous. It lacked some bells and whistles and other features of paid utilities, but it allowed you no-nonsense no-hassle to make a full system backup, backup your files, and restore the system super reliably - saved my butt a few times.
Then came Win Vista, and everything that a prior generation of MS engineers had built to be useful and helpful, even if buggy at times, was torn asunder, including their backup. As with so much of how MS and Win
Why Microsoft started bundling in the first place (Score:3)
Microsoft used to release the patches separately, if a patch was broken - it happened occasionally - we just needed to block out that one patch after the automatic fallback to a working configuration.
Then came Windows 10 and people were making individual decisions on each and every patch, whether it was Windows 10 related or whether it was adding spyware in the name of telemetry. Since Microsoft's own patch descriptions were ludicrously generic ("this patch fixes a problem with Windows"*), we looked the patch-numbers up Online to see what they did. Some of the advice to be found on the 'net was worth considerably less than we paid for it, and it was free.
Bottom line, new patches could make virtually no assumptions about the state of the system they were to be applied to.
Microsoft made this problem by ramming Windows 10 down our collective throats, but they had placed themselves in a situation where releasing Service Packs once a month was pretty much the only way out. What we are seeing now is a logical consequence, and I'm surprised it took so long.
* The versions of Windows I administer are non-English-language, and they don't bother translating the patch descriptions. They really were "this patch fixes a problem with Windows" (translated).
Re: (Score:3)
The versions of Windows I administer are non-English-language, and they don't bother translating the patch descriptions. They really were "this patch fixes a problem with Windows" (translated).
Given their track record, the should consider adding either "purportedly" or "theoretically" to these translated descriptions.
Re: (Score:2)
> adding spyware in the name of telemetry.
> Since Microsoft's own patch descriptions were ludicrously generic
Both of these are why us geek hate MS. They obviously have ZERO respect for their customers. Really? A patch note with no fucking description on WHAT it does??? The Windows product manager should be fired for this shit.
Worked all morning on this issue. (Score:2)
Spent all morning on just this issue. I use LTE for my home Internet right now and I thought the cell company had put some filtering or something in to block VPNs. Didn't think a lot of it at first, but I got to thinking it was kind of funny that ATT and Verizon would both start blocking L2TP VPNs both at the exact same time. Turns out it was a Windows issue. For right now, I rolled back the patch. The new patch standalone was 225 Mb and at this very moment, my Internet is kind of sketchy. It's kind of funn
For MS, Paying Customers = Beta Testers (Score:1)
Re: (Score:2)
Time to start? I finished the process years ago. I still have a sort of rump Windows install for those few and unforeseeable Windows-only things, but it's Debian Linux for me all the way...
Re: (Score:1)
This company just gets worse and worse. Time to really start looking at alternatives to as many of their products as possible.
Forget using Google software and switch to Edge! Where I am currently working Chrome still works on Win 10 only because the interface is set to use Win 7 mode for all the client nodes of the network. Win 10 "pro" stations however have the same problems as Win 10 full desktop with Chrome crashing even if you run the latest versions. It seems that Edge has hacked the hell out of the Blink Google engine that they use now on Edge. Funny as hell how the war with Google is still alive and kicking.
It is getting al
This is why CentOS is now dead (Score:1)
Unwelcome, unannounced, untested "critical updates" with no rhyme or reason, and tested on the community at large, are why Windows updates get deployed weeks or even months later in production environments. The frequency of broken updates is unacceptable, and CentOS 8 Stream is demonstrating at least once a week that Red Hat can't do it either. The unannounced, unplanned updates that break things and never got tested at scale are why most CentOS and Red Hat fans are switching to AlmaLinux.
Red Hat is having
Re: (Score:2)
It does sometimes seem that RH aspires to be like MS. Heck, MS, aspires to be MS - they are totally in over their heads, and are clearly unable to manage the complexity of their various enterprises. Just layer upon layer of nasty cruft. Some bugs in Windows are over a decade old - I know, I've reported them and they're still not fixed.
My first experiences with MS was when their sole product was MSBASIC (which they 'basically' stole). Bill Gates was a money-grubbing scumbag from the very beginning. And MS fa
L2TP/ipsec Has Been Broken Since Win 10 1909/20H1 (Score:1)
Microsoft is so full of crap. They broke L2TP/ipsec VPN with Windows 10 1909 for anyone on domain controller and broke it for everyone with 20H1. To say that it was only recently broken is wishful thinking.