[German]The security updates Microsoft released on April 12, 2022, has closed numerous vulnerabilities. In particular, the vulnerability CVE-2022-26809 is security-critical and should be patched promptly. The password loop caused by the March 2022 preview updates has also been fixed. But there are also issues: Remote Desktop Gateway roles on Windows Server 2022 break, Edge or Chrome may fail to start in Windows 11, and there are installation errors in Windows Server 2012 (caused by antivirus solutions).
Advertising
KB5012592 blocks Edge/Chrome
Update KB5012592 for Windows 11 causes Google Chrome and Edge browsers to stop launching and issues error code 0xc0000022. Blog reader EP points out this issue in this comment, which Windows Latest claims in this post for the April 2022 updates for Windows 10 and Windows 11.
The issue doesn't affect very many users. The cause is probably compatibility issues between the updates for Windows 10/11 and antivirus solutions from ESET, which can cause app crashes. According to the Windows Latest article, ESET is working on this problem, but manual user intervention may still be required.
Sophos blocks update installation
In this German comment blog reader Goran reports that Sophos antivirus solution is blocking the installation of the patches on Windows Server 2012. His statement: the patches are not installed until you install Services:
Sophos Agent
Sophos Anti-Virus (SAVService)
Sophos System Protection Service
to manual, stop and restart after reboot. Maybe it will help one or the other affected person.
Password loop fixed
The preview update KB5011551, released on March 22, 2022, causes a password loop on Windows Server 2019 for some people. Users are prompted to reset their (expired) password, but were unable to make this password change. I had picked this up in the blog post Windows Server 2019: Update KB5011551 causes password loop. There, are came further confirmations by other administrators in these comments.
Advertising
The problem seems to have affected all versions of Windows, because Microsoft has actually mentioned in the descriptions of all Windows updates from April 12, 2022 that the password entry problem has been fixed.
Remote Desktop Gateway still broken
Cumulative update KB5011497 for Windows Server 2022, released on March 8, 2022, already caused issues with the Remote Desktop Gateway on Windows Server 2022. After the update installation, various roles for Remote Desktop Gateways no longer exist or work. I addressed the issue as well as confirmation of issues by other administrators in the blog post Windows Server 2022: March 2022 update KB5011497 breaks remote desktop gateway role. After more updates were released on April 12, 2022, administrators are noticing the same errors with this update on Windows Server 2022. I picked this up in the blog post Windows Server 2022: Update KB5012604 breaks Remote Desktop Gateway.
Patching Vulnerability CVE-2022-26809
April 2022 security updates, Microsoft also patched the remote code execution (RCE) vulnerability CVE-2022-26809. To exploit this vulnerability, an attacker would need to send a specially crafted RPC call to an RPC host. This could lead to remote code execution on the server side. This uses the same permissions as the RPC service. Exploitation of the vulnerability is considered likely by Microsoft. The vulnerability has received a CVE score of 9.8, so it is rated as critical.
Microsoft has addressed the vulnerability in security updates. Since the attack occurs through TCP port 445, Microsoft suggests blocking this port in the network's corporate firewall to protect systems located behind it from attacks. Colleagues at Bleeping Computer also take up the issue. By the way, Akamai has published a blog post with more details, as the following tweet reveals.
Similar articles:
Patchday: Windows 10 Updates (April 12, 2022)
Patchday: Windows 11/Server 2022 Updates (April 12, 2022)
Windows 7/Server 2008R2; Windows 8.1/Server 2012R2: Updates (April 12, 2022)
Windows Server 2019: Update KB5011551 causes password loop
Windows Server: Open issues from March 2022 Updates (KB5011551, KB5011497)
Windows Server 2022: March 2022 update KB5011497 breaks remote desktop gateway role
Windows Server 2022: Fix for Remote Desktop problems with update KB5011497
Windows Server 2022: Update KB5012604 breaks Remote Desktop Gateway
My biggest problem is massive loads on ethernet making browser performance in the crapper. Task manager shows ethernet spikes all the way to 100% with half the graph fully colored when I launch a browser.
Gaming performance is getting killed as well.
Wasnt a problem until the recent patch that I got this week. FB takes forever to load and while youre scrolling down the posts are blank for up to 20 seconds until they finish loading.
Also got the same patch on my work computer and I'm seeing the same issue.