[German]With the January 11, 2022 security updates, an issue occurred that caused Windows Server Domain Controllers to enter a cyclic restart loop. I had reported in the blog and Microsoft had already provided special updates in January to fix the problems. Now it seems Microsoft has also posted a corresponding entry on its status page for Windows Server 2022.
Review: Windows Server DC boot loop
I had mentioned it in the blog post Windows Server: January 2022 security updates are causing DC boot loop. Administrators of Windows Domain Controllers faced the problem of machines rebooting cyclically (15 minutes apart) after installing the January 2022 security updates. Lsass.exe (or wininit.exe) triggered a blue screen with the stop error 0xc0000005. Microsoft then released out-of-band updates on 1/17 and 1/18/2022 to fix this problem (see also the links at the end of the article). As of Jan. 18, 2022, these issues should be resolved (see also Status of January 2022 security updates from Microsoft (2022/01/25)) – when I also point out a possible conflict in the blog post Windows Server 2019: Is Update KB5010791 causing a Boot Loop?
Lsass boot loop added to status entry
The colleagues at Bleeping Computer have noticed that Microsoft has now created an addendum in the Windows Server 2022 status area that addresses this DC boot loop (although the fixes date back to January 17, 2022).
There it is confirmed that update KB5009555 can restart unexpectedly on domain controllers (DCs) with affected versions of Windows Server. In this case, you will see an error dialog for Lsass.exe that says: "Your PC will restart automatically in one minute" or "The system will shut down and restart now". On Windows Server 2016 and later, you are more likely to be affected if DCs use Shadow Principals in Enhanced Security Admin Environment (ESAE) or Privileged Identity Management (PIM) environments.
The issue affected the following Windows Server versions and was fixed with the out-of-band updates (e.g., KB5010796) dated 1/17/18/2022.
- Windows Server 2022
- Windows Server Version 20H2
- Windows Server 2019
- Windows Server 2016
- Windows Server 2012 R2
- Windows Server 2012
Windows Server 2008 R2 is no longer listed by Microsoft, even though it is still provided with security updates in the ESU program and also received out-of-band update on January 17, 2022.
Windows Server: Out-of-Band Update fixes Remote Desktop issues (2022/01/04)
Microsoft Office Updates (January 4, 2022)
Microsoft Security Update Summary (January 11, 2022)
Patchday: Windows 8.1/Server 2012 R2 Updates (January 11, 2022), boot loop reported
Patchday: Windows 10 Updates (January 11, 2022)
Patchday: Windows 11 Updates (January 11, 2022)
Patchday: Updates for Windows 7/Server 2008 R2 (January 11, 2022)
Windows Server: January 2022 security updates are causing DC boot loop
Windows VPN connections (L2TP over IPSEC) broken after January 2022 update
Windows Server 2012/R2: January 2022 Update KB5009586 bricks Hyper-V Host
Microsoft patch day issues Jan. 2022: bugs confirmed, but updates not pulled
Microsoft Microsoft Januar 2022 Patchday Revisions (2022/01/14)
Windows Out-of-band Updates fixes Jan. 2022 patch day issues (Jan. 17, 2022)
Windows 10/Server: Out-of-band Updates fixes Jan. 2022 patch day issues (Jan. 17, 2022)
Out-of-band Updates for Windows Server 2019 fixes Jan. 2022 Patch day issues (Jan. 18, 2022)
Windows 7/8.1; Server 2008R2/2012R2: Out-of-band Updates with Fixes for Jan. 2022 Patch day Issues (2022/01/17)
Review: Fix for Windows IPSec VPN Connection Issues
Out-of-Band Updates for Windows (Jan. 17/18, 2022) doesn't fixes ReFS Issues complete
Review: Fix for Hyper-V Host Startup Problem in Windows (January 2022)
Status of January 2022 security updates from Microsoft (2022/01/25)
Cookies helps to fund this blog: Cookie settings