Microsoft addresses last week’s buggy Windows Updates that broke VPNs and rebooted servers

The image is by Alex Castro.

Microsoft released an out-of-band update yesterday to fix some Windows issues caused by last week's monthly patching cycle on Patch Tuesday.

There were security patches and a fix for Japanese text appearance issues in Windows 11 and Windows 10, along with a secret payload of issues.

One of the major issues that came up during the week for IT admins was the fact that Windows server 2012 became stuck in a boot loop, while other versions suffered broken Windows VPN clients, and some hard drives appeared as RAW format. Many IT admins were forced to roll back the updates, leaving vulnerable server with no security patches last week.

Some IT admins are frustrated by the process and are sharing their grievances. They found that the OOB update would force them to first run last week's buggy patches, which could cause some Domain Controllers to restart and lose access to external drives.

There are issues related to VPN connection, Windows server domain controllers restarting, Virtual Machine start failures, and ReFS-formatted removeable media failing.
>
January 17, 2022.

An IT admin for a university was able to confirm that they had to roll back last Tuesday's update because external ReFS drives had become incompatible with Microsoft. The department had to migrate data before running the updates again because Microsoft stated that ReFS should only be used on fixed drives.

If the ReFS issue has not been addressed by Microsoft, they might have thought the drives were faulty, then tried to reformat to a different format, and lost the data, as other posts shared accounts of ReFS failing on them.

IT admins with access to Microsoft's update catalog can download and load the OOB update, but it is not currently available in the Windows server update services catalog, leaving admins forced to manually download and load it.

An individual by the name of syshum on the sys admin subreddit jokes about why Microsoft still uses domain controllers. You should be using only the cloud. There are some reasons why subscription cloud services likeAzure contribute more to the company's constant revenue flow than a long-term supported Active Directory solution on-premises.

Support for on-premise solutions is still available. The problem of patching the older Server 2012 R2 was addressed by Microsoft's product manager for Active Directory.

There is a thread on patching with Windows updates.
>
There are two types of updates on the older servicing stack - a Monthly Rollup and a Security-Only.
>
January 18, 2022.

If you go to Windows Update on your computer, you will be able to get some fixes for Windows 11 and Windows 10. There is no fix for Windows server 2019.