[German]I am posting an issue here on the blog that was reported recently to me by a blog reader. He is experiencing massive issues with his Server 2016 based RDS infrastructure after installing update KB5015808 (for Windows 10 version 1607 Enterprise LTSC and Windows Server 2016). So far there is not really anything to be found on the Internet.
Windows Update KB5015808
Update KB5015808 is available for Windows 10 version 1607 Enterprise LTSC as well as Windows Server 2016. The update is out July 12, 2022, and fixes a number of issues, with Microsoft listing the following highlights.
- Fixes a known issue that may be preventing you from using the Wi-Fi Hotspot feature.
- Fixes security issues for your Windows operating system.
The support article gives a much larger list of fixes:
- Addresses an issue that causes searchindexer.exe to stop responding during a dismount operation in the Remote Desktop setup environment.
- Addresses an issue that redirects the PowerShell command output so that transcript logs do not contain any content. Transcript logs might contain decrypted passwords if you turn PowerShell logging on. Consequently, the transcript logs lose the decrypted passwords.
- Addresses a known issue that might prevent you from using the Wi-Fi hotspot feature. When attempting to use the hotspot feature, the host device might lose the connection to the internet after a client device connects.
- Addresses an issue that prevents the use of Encrypted File System (EFS) files over a Web-based Distributed Authoring and Versioning (WebDAV) connection.
- Addresses an issue that causes Microsoft NTLM authentication using an external trust to fail. This issue occurs when a domain controller that contains the January 11, 2022 or later Windows update services the authentication request, is not in a root domain, and does not hold the Global Catalog role. The affected operations might log the following errors:
- The security database has not been started.
- The domain was in the wrong state to perform the security operation.
- 0xc00000dd (STATUS_INVALID_DOMAIN_STATE).
- Addresses an issue that causes the primary domain controller (PDC) of the root domain to generate warning and error events in the System log. This issue occurs when the PDC incorrectly tries to scan outgoing-only trusts.
- Addresses an issue that might damage BitLocker virtual machine-based (VM) system files if you expand the BitLocker partition while the VM is offline.
- Addresses a known issue that prevents Windows servers that use the Routing and Remote Access Service (RRAS) from correctly directing internet traffic. Devices that connect to the server might not connect to the internet, and servers might lose connection to the internet after a client device connects to them.
In the support article, Microsoft writes that there are no known problems with the update. .
RDS problems after update
German blog reader Patrick B. contacted me by mail last week and reported massive problems he encountered in connection with update KB5015808 in his RDS infrastructure. He writes about this:
Hello Mr. Born
As a regular reader of your blog especially regarding update issues, I would like to provide some input of my own.
In our RDS infrastructures based on Server 2016 we have had massive problems since the July update KB5015808.
Blackscreens, hanging logins, sporadic hangs and crashes.
The classic measures have all been taken:
Firewall Policy Bloat
So far, we have found the problem only on installations with more than 20 users, but with several customers at the same time.
There we inevitably also use FSLogix. Whether this has a connection or not, we can not (yet) conclusively judge, because the symptoms also occur only from a certain load on the RDS.
In any case, RDS on Server 2019 does not seem to be affected. The problems have started at the same time as the installation of the said update.
We intentionally wait 3-4 weeks with the rollout, was probably too little time in this case.
Since the uninstallation of the update (which takes about 1h) we have not received any new error messages.
Unfortunately, nothing can be found about this on the web yet. Possibly a publication in your blog would lead to some more visibility and clarity.
Anyone with similar experiences? Addendum: Ich have added some explanations about an "inoffcial" fix via KIR within my blog post Windows Server 2016: Fix for RDP issues in KB5015808 and later.
Cookies helps to fund this blog: Cookie settings