Windows January 2023 patchday issues

Windows[German]The security updates released by Microsoft on January 10, 2023 for the various Windows versions (clients, servers) do close some critical vulnerabilities. However, there are a number of user messages that report installation problems. In addition, it looks like the fixed bugs like ODBC connection errors on SQL databases are not fixed for all users.


Advertising

Windows Patchday January 2023

As of of January 10, 2023, Microsoft has released security updates for the various Windows versions (clients, servers) that are also intended to close vulnerabilities that are considered critical. I provide an overview of the most critical vulnerabilities in the blog post Microsoft Security Update Summary (January 10, 2023) and in the blog posts about Windows update linked at the end of the article.

ODBC driver SQL connection error

In all security updates, Microsoft states that the, already confirmed (see Windows: November 2022 updates cause ODBC connection problems with SQL databases), ODBC-SQL database connection bug should be fixed:

This update addresses a known issue that affects apps that use Microsoft Open Database Connectivity (ODBC) SQL Server Driver (sqlsrv32.dll) to connect to databases. The connection might fail. You might also receive an error in the app, or you might receive an error from the SQL Server.

In this German comment a blog reader reported that this error still occurs with him. Unfortunately, there is no response to the question about details and whether the replacement of the driver (see Windows: Microsoft Workaround for ODBC SQL connection issues (Jan. 5, 2023)) helps. Anyone else who hasn't had the ODBC problems fixed?

In a second comment German blog reader Eiko also reported issues with SQL Server (2017) on Windows Server 2012  in connection with update KB5022348:

I have here two servers 2012, one runs the SQL server and on the other the application that uses the SQL. Since the update (KB5022348) the connection to the SQL server does not work and the application reports SSL errors when connecting. I'll see if it works again when I uninstall the update.

So far there is no feedback if the uninstallation helped.


Advertising

Is the BlueScreen 0xc000021a fixed?

The December 2022 security updates could cause a BlueScreen (Stop error) on Windows systems. Microsoft had confirmed the BlueScreen bug in Dec 2022 for Windows 10 20H2-22H2 (see Windows 10 20H2-22H2: Update KB5021233 from 13. Dec. 2022 causes BlueScreen). Within the blog post a workaround to fix the BSOD is given. However, it seems to have hit Windows 11 as well, as the colleagues from Bleeping Computer write here.

Microsoft claims to have fixed BSOD

In this German comment and here reader Birgit asks if the bluescreen problem (from the December 2022 Windows Cumulative Update) is now fixed with the January patch. In the update description for Windows 10, Microsoft states:

This update addresses a known issue that might affect startup on some Windows devices. They might receive an error (0xc000021a) and have a blue screen.

So they have been working on this problem and believe they have solved it.

0xc000021a on Windows Server 2016

However, there are some voices that still complain about a stop error 0xc000021a. On German site administrator.de there is the thread WS 2016 BSOD 0xc000021a nach Security Update, where someone reports the stop error for Windows Server 2016.

An old known BSOD is back again.
I have 3 (Exchange) servers. (Exchange does not matter here).
2 of them were successfully installed with the 2022-12 Windows Updates.
one has a BSOD after the update.

[…]

Each time the same thing.
Installation goes through without a problem.
when shutting down he installs yes still one or the other.
As soon as he "really" restarts, the server no longer comes up. BSOD.

But since it is Windows Server 2016, there could be another cause, because the support article of update KB5022289 does not mention the fix for the stop code 0xc000021a. The measures mentioned in the German Windows FAQ do not help either.

Installation errors

Furthermore, some people report that updates cannot install and a rollback occurs.

Windows 10 Update KB5022282

On Facebook, there is a German comment on my article Patchday: Windows 10-Updates (10. Januar 2023) reporting an installation error in 22H2 (translated):

The update KB5022282 fails for me. Error code: 0x80073701.

3 attempts, failed 3 times. Anyone else having problems with this? What can be done?

The usual approaches with dism /online /cleanup-image /startcomponentcleanup, download and manual installation also failed. Statement:

Downloaded manually and tried to install. After reaching 100% terse error message "The update was not installed."

Tried sfc /scannow, finds no errors.

Event Viewer reports "Package KB5022282 failed to be changed to the Installed state. Status: 0x80073701.2"

My question about what is in the CBS.log was answered as follows:

There are very, very many error messages in the CBS. Example:

"Extraction of file: update.ses failed because it is not present in the container".

To put it mildly, the update archive is not complete.

When installing it is noticeable, it goes to 10%, then to 20%, then to 44% and then very quickly to 100%, as if something is missing. After that the error message. But that does not have to mean anything, are often such jumps in the installation progress in it.

There is a similar report in German Windows 10 forum. The user contacted me again on Facebook and writes:

I have uninstalled KB5021233 and reinstalled it via the update catalog. This is a problem update that sometimes led to a BSOD. Whether this update was changed afterwards, I can not say. In any case, I did not have a new BSOD. But the crucial thing: Afterwards KB5022282 could be installed without any problems.

If someone else has the problem, this is probably a workaround.

At this point thanks to the reader for the hint – maybe it helps.

Windows Module Installer Worker error

A German comment addresses another issue with the update KB5022282 with the Windows Module Installer Worker error.

Windows Modules Installer Worker

The update to 19045.2486 (KB5022282) went smoothly, but logged "Windows Error Reporting" EventID 1001

Windows Modules Installer Worker

INVALID REQUEST
0
WindowsServicingFailureInfo
Not available
0
10.0.19041.2300:1
0x800F0984 0x800F0984 Matching binary: LxssManager.dll missing for component: amd64_microsoft-windows-lxss-manager_31bf3856ad364e35_10.0.19041.2486_none_f31086c4800002aa
P3: 楆敬›瑳牯汥祡畯⹴灣⡰㘱㐹
‭潃灭湯湥却潴敲㨺剃睡瑓牯䱥祡畯㩴䠺摹慲整楆敬獕湩䙧牯慷摲湁剤癥牥敳敄瑬獡

There is this German comment by DK2000 on German site deskmodder.de with some explanations. Here's my translation:

The error only says that a LxssManager.dll was found, but not the version that was expected (PSFX_E_MATCHING_BINARY_MISSING). In any case, everything seems to have been installed correctly [at my system].

And why there is a part in Chinese, I don't know. Google seems to have problems translating it ("Destroy the soup, but keep tapping, shaving and sleeping."). Do not think that the translation fits so.

Windows Server 2022 Update KB5021249

German blog reader Christian reported in this ccomment install issues since December 2022 with cumulative updates (since KB5021249) on Windows Server 2022 running in Hyper-V VMs, if the VMs has been installed with a SYSPREP image. The installation aborts with the download error 0x800f081f. The error 0x800f081f indicates a problem in the Windows Update Manager. Often important update files are missing. He linked to this reddit.com post where something similar is described for the cumulative update KB5021249 from January 2023.

Windows Server 2012 R2 Update KB5022352 hangs

Update KB5022352 for Windows 8.1 as well as Windows Server 2012 R2 seems to have installation problems, which are described e.g. in this comment.

Does anyone else have the problem that kb 5022352 hangs at 95% download?
This is what happened on 2 servers for me.

I am now trying the manual method….

This is confirmed in this German comment. In this German comment, blog reader Larsen also reports that update KB5022352 for Windows Server 2012 R2 would not install and hung:

2012R2: Download hangs at 95% at first. After restarting and retrying, error 80070570 occurred on two servers running 2012R2 (one as a VM, one still physical).

In this case it helped to download the update KB5018922 from the Microsoft Update Catalog and then to install the SSU KB5018922 and afterwards the update KB5022352 in the mentioned order.

In this German comment there is a note that the package may be corrupted on the Microsoft servers (CRC error on WSUS download). The reader has described a workaround (reject update, run server cleanup, reapprove update). Also described here is an approach for Windows Server 2012 R2 by deleting the folder:

Windows\SoftwareDistribution

Maybe it helps. Addenum: Within my German blog Dave reported, that they was affected on 108 servers. They used the following solution (with a script):

1. cancel installation
2. use sfc /scannow
3. delete everything in the directory C:\Windows\SoftwareDistribution\Download
4. restart
5. start installation and now it should run.

No other TMP directories needed to be deleted. Hope it helps affected administrators.

KB5022352 throws download error 0x8024002

In this comment, someone is also reporting installation problems on Windows Server 2012 R2 and writes:

I'm facing errors (0x80240022) while trying to download updates for Windows 2012 R2 servers. I have SSU KB5018922 all over the place and still can't patch any of Windows 2012/R2 servers.

The error code 0x80240022 is generic and stands for WU_E_ALL_UPDATES_FAILED, Operation failed for all the updates (see Windows 10: Update errors 0x8024xxxx detailed). I had addressed the 2016 error code in the German blog post Windows Update-Fehler 0x80240022 (Defender) related to Defender. The explanation may be helpful, as the code states that the updates failed to load.

A possible causes are a missing system file, an incorrect system setting (e.g. date, time zone, time) or a problem with a registry file. So check time zones, date and time – if necessary exclude a mobile connection (metered connection) for the update download on notebooks. But this will probably not apply to the server.

During a search, however, I often found Defender (or Microsoft Security Essentials) to be the cause (see also here, although the reference to the repair tool should be ignored if possible). If Windows Defender (or a third-party antivirus solution) can be ruled out as the cause (disable it if necessary, see also e.g. the German Windows FAQ), I would try to check the system for damaged files via sfc and dism (see Check and repair Windows system files and component store).

Furthermore, resetting Windows Update would be an option – see also my German blog post WUReset zum Zurücksetzen von Windows Update and the blog posts linked there. Otherwise, evaluate in the CBS.log in the Windows folder and in the Event Viewer, hoping that there is something to find.

Similar articles:
Microsoft Office Updates (January 3, 2022)
Microsoft Security Update Summary (January 10, 2023)
Patchday: Windows 10 Updates (January 10, 2023)
Patchday: Windows 11/Server 2022 Updates (January 10, 2023)
Windows 7/Server 2008 R2; Windows 8.1/Server 2012 R2: Updates (January 10, 2023)
Patchday: Microsoft Office Updates (January 10, 2023)
Exchange Server Security Updates (January 10, 2023)
Microsoft Exchange January 2023 patchday issues
Windows: November 2022 updates cause ODBC connection problems with SQL databases
Windows: Microsoft Workaround for ODBC SQL connection issues (Jan. 5, 2023)


Advertising

This entry was posted in issue, Security, Update, Windows and tagged , , , . Bookmark the permalink.

5 Responses to Windows January 2023 patchday issues

  1. guenni says:

    The comments to my German blog post are reporting more issues I haven't covered in the text above.

    • Since the update to 12/22 (still present at 01/23), the Office 365 apps constantly require a new login after logging in/out of the terminal server (even with MFA query). If you are logged in and the RDS session is not logged out, you can work undisturbed, but as soon as the RDS session is logged out, you have to log in again. Problem only affects RDS, local clients not affected.
    • Windows 10 22H2-Update KB5022282 failed with error 0x800f0988. The solution here (with this script) from German site deskmodder.de helped.
    • After update Windows 10 can't find the Canon Wifi printer – a reinstall of the printer driver fixed that issue.
    • On Windows 10 Enterprise 22H2 Microsoft Edge quick print is broken – but only for Kyocera printer as default device. The preview won't work – hangs with circling icon – printing with ctrl+p works.

    And within my German blog post about Office updates I received this comment, reporting issues with Office 365 apps:

    does anyone else currently have problems with the build no. 16.0.15831.20252 for O365?
    Since the update, the taskbar no longer works on hundreds of clients and the Office programs no longer start!

    This bug has been confirmed by another user.

    Addendum: See my blog post Microsoft Defender update/ASR deletes desktop shortcuts, taskbar broken, Office apps don't start anymore, it's another root cause.

  2. David says:

    Thank you. I had the same issue where all of my 2012R2 boxes were hung up at 95% then failed after a reboot/ update attempt. I ended up having to manually download the KBs at listed above and that solved my issue. Thanks again!

    • Jakob IXSOL says:

      Hi!
      I can confirm this Windows 2012 R2 kb5022352 installation issues. Servers detecting windows updates daily, did download a corrupt version of kb5022352 from Tue, 10th to Wed, 12th of Jan.
      The problem is solved by manually downloading and installing the msu:
      https://www.catalog.update.microsoft.com/Search.aspx?q=KB5022352
      (this took about 1h on our test machine)

      (You may also reset WindowsUpdateClient completely:
      net stop wuauserv
      net stop cryptSvc
      net stop bits
      net stop msiserver

      del /f /q "%ALLUSERSPROFILE%\Application Data\Microsoft\Network\Downloader\qmgr*.dat"
      del /f /s /q %SystemRoot%\SoftwareDistribution\*.*
      del /f /s /q %SystemRoot%\system32\catroot2\*.*
      del /f /q %SystemRoot%\WindowsUpdate.log

      net start wuauserv
      net start cryptSvc
      net start bits
      net start msiserver

      When resetting you may use the windows update client install the proper KB5022352 again. But resetting the windows update client may also remove the windows update history…)

  3. m. daniel. says:

    We were hit hard by this one, as well: most servers that *automatically downloaded* (staged) the update for future installation would either be simply unable to install the update, OR would repeatedly open/close/update the downloaded bits in the SoftwareDistribution folder. The last scenario there caused us significant issues: Defender for Endpoint would try to keep up with the constant updating of the downloaded update, causing twice the performance hit. This cause *very* high disk I/O on our virtualization storage, which impacted the performance of other servers significantly. Thankfully, ProcMon made it quite obvious what was happening.

    The fix for us:
    Stop-Service -name wuauserv
    Stop-Service -name bits
    Rename-Item -path "c:\windows\SoftwareDistribution" -NewName "SoftwareDistribution.bak"
    Start-Service -name wuauserv
    Start-Service -name bits
    wuauclt /detectnow

    No sfc, no reboot. Do the above, then check for updates or let the server automatically update according to normal schedule.

  4. leo says:

    Hi, some days ago I installed KB5022352 (January 2023 Security Monthly) on my Active Directory Domain Controller on windows server 2012r2; after that I had a lot of problems on some windows server 2008r2, expecially for loggin on terminal server services; in event viewer I couldn't find something specific, only a lot of event id 7011 in terminal servers:

    A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NlaSvc service …… or CryptSvc service …… or Schedule service.

    I don't know why, some terminal servers had a very very long logon time (in some case timeout), other had only the event id 7011.

    I have no ESU license, so I can't update Windows server 2008r2, only with the uninstalling of KB5022352 from Domain controllers, our terminal servers started working properly again.

    Has anyone had the same experience?

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).