Wednesday, December 07, 2022

Recent Windows Server updates break VPN, RDP, RRAS connections

Windows Server

A variety of issues are being caused by this month’s Windows Server Update, including VPN and RDP connectivity issues on Routing and Remote Access Service (RRAS) enabled servers.

RRAS is a Windows service that provides additional TCP connectivity and routing features, including remote access or site-to-site connectivity with the help of a virtual private network (VPN) or dial-up connection.

Last week, Microsoft released Windows Server 2019 2012 R2 KB5014746, Windows Server 2019 KB5014692, Windows Server 20H2 KB5014699 and Windows Server 2022 KB5014678 updates as part of the June 2022 Patch Tuesday.

However, after deploying these recent updates, Windows administrators have reported encountering a number of problems that can only be resolved after completely uninstalling the updates.

One of the more serious problems is server freezes for several minutes after a client connects to the RRAS server with SSTP.

Windows Remote Desktop and VPN Connectivity Issues

Most reports related to these problems that occurred since Patch Tuesday have a common theme: Losing Remote Desktop and VPN connectivity with Routing and Remote Access Services (RRAS) to servers where the June Windows Server Update is installed.

“What I noticed after the June update was installed was that any TCP connections established from the client-side or server-side would never be able to get up and running. I could not do a basic RDP session in the server (even with that wherever) a VPN is not needed because I am connecting to a management PC within the same trusted subnet),” one administrator told BleepingComputer.

“Also, none of the remote VPN/RRAS clients could connect to the server (which was why the server was configured for NAT routing in the first place).”

“SSTP completely failed [..] As well as RDP. RDP also failed to our IKE RRAS servers, however the IKE connection continues to work (still not sure how),” said another.

“We ended up using the GCP console interface to get into those servers so that RRAS (Routing and Remote Access Service) setup could not start so that after a reboot we could remote and revert the patch.”

many other administrators [1, 2, 3, 4, 5, 6] Also reported on Reddit and in comments to BleepingComputer stories that they are having problems with LLTP/SSTP VPN clients and RDP failing to connect after applying the June Windows Server Update.

“After rolling back the problem went away. After reinstalling this patch the problem happened a second time. Roll back fixed the problem again. We ran two different RRAS servers from two different locations.” Experienced this problem – a domain,” explained one of them.

While it is not clear what caused these issues, Microsoft tracked down a ‘Windows Network Address Translation (NAT) Denial of Service vulnerability’ as CVE-2022-30152, which may have introduced bugs in RRAS connectivity.

how to fix

Unfortunately, since Microsoft has not yet acknowledged these connectivity issues and provided a solution, the only way to address these issues on the affected server is to uninstall the relevant cumulative update for your Windows Server version.

Administrators can do this by using one of the following commands:

Windows Server 2012 R2: wusa /uninstall /kb:KB5014746
Windows Server 2019: wusa /uninstall /kb:KB5014692
Windows Server 20H2: wusa /uninstall /kb:KB5014699
Windows Server 2022: wusa /uninstall /kb:KB5014678

However, given that Microsoft bundles all security fixes within a single update, removing this month’s cumulative update may have fixed bugs, but also removed all security patches for vulnerabilities addressed during June Patch Tuesday. Will go

Therefore, before uninstalling these updates, you should make sure that it is absolutely necessary and that reviving RDP or VPN connectivity on your server is worth the increased security risks.

As we reported earlier, Microsoft is also working on addressing another known issue affecting both the client and server platforms that caused connectivity issues when using a Wi-Fi hotspot after installing the June Windows Update. There are.

Also, this month’s Windows Update may cause backup issues on Windows Server systems, some apps may fail to back up data using Volume Shadow Copy Service (VSS).

Microsoft did not respond to a request for comment when BleepingComputer reached out earlier today.

Nation World News is the fastest emerging news website covering all the latest news, world’s top stories, science news entertainment sports cricket’s latest discoveries, new technology gadgets, politics news, and more.

Latest News

Related Stories