Windows June 2024 updates: LSass bug fixed; AuthLite on domain controllers broken and more

[German]On June 11, 2024, Microsoft released its security updates for this month. The updates fix the LSass bug (memory leak), update Curl.exe and bring some other changes. But I have received an initial report of installation problems. And under Windows Server (2016 – 2022), the June 2024 update ensures that AuthLite (2FA authentication) no longer works on domain controllers. Anyone using the module should therefore not install the update yet.

Windows June 2024 updates

I have discussed the June 2024 security updates for the various Windows clients and also for Windows Server in various blog posts (see list of links at the end of the article). In my opinion, the most important part of these updates is the fact that the vulnerabilities described in the article Windows Server: April 2024 Update KB5036909 causes also LSASS crashes on DCs should be fixed. I had pointed out possible issues with Microsoft OLE DB Driver for SQL Server 19.2.0.0 in the article Microsoft Security Update Summary (June 11, 2024).

AuthLite becomes unusable on DCs

AuthLite is a Windows corporate network authentication solution that, unlike all competing multi-factor authentication solutions, extends Active Directory to support two-factor authentication out of the box. With AuthLite, administrators can continue to use all their existing software, writes the manufacturer, with the additional two-factor authentication security being placed exactly where it is needed.

A blog reader has now pointed out to me in a private message on X that the June 2024 updates are breaking the 2FA authentication option in Active Directory (AD) outlined above. In an email, the provider points out that the cumulative updates from June 2024 on domain controllers ensure that the AuthLite module can no longer be called. This interrupts the 2FA authentication of all AuthLite users. The provider writes that the following operating systems and updates are affected.

• Server 2022 (KB5039227), domain controller only
• Server 2019 (KB5039217) domain controller only
• Server 2016 (KB5039214) unclear whether DCs are affected

The vendor recommends suspending the installation of the June 2024 updates on domain controllers for the time being. Anyone who has installed the update can log in with the 1-factor Break Glass emergency account to roll back the update installation if necessary. The provider is investigating what has been changed by the update.

Windows Server 2019 partially in English

German blog reader Heiko has reported in this comment that after the update installation on a Windows Server 2019 (German) parts of the operating system are "suddenly" localized in English (e.g. context menu [right mouse button] in notepad.exe). This does not inspire much confidence, says the reader. It's stupid because Windows 2019 terminal servers are used there and the users notice this. Has anyone else noticed this effect?

Windows 11: Update not shown as installed

Possibly an isolated case, I have received feedback from Markus K. that he has installed the cumulative update (KB5039212) for Windows 11 23H2 via PSWindowsUpdate in the PowerShell. The update installation is reported as "failed". But the build is shown as 22621.3737 in winver.exe after reboot – which again fits. Anyone else with this observation?

Similar articles:
Microsoft Security Update Summary (June 11, 2024)
Patchday: Windows 10/Server-Updates (June 11, 2024)
Patchday: Windows 11/Server 2022-Updates (June 11, 2024)
Windows Server 2012 / R2 und Windows 7 (June 11, 2024)