There are isolated reports of issues in Windows caused by the July 2024 patchday security updates. Under Windows Server 2012 R2, there is a report that the Remote Desktop Virtualization Host Agent service under Hyper-V is broken (albeit due to the June 2024 update). And under Windows Server 2022, the Remote Desktop Gateway service is broken on some systems and crashes regularly. Remote connections are then no longer possible.
Windows Server
Security updates were released for various Windows Server versions on July 9, 2024 to eliminate vulnerabilities.
Windows Server 2022 Updates
Cumulative update KB5040437 has been released for Windows Server 2022 (see Patchday: Windows 11/Server 2022-Updates (July 9, 2024)), which is supposed to fix a bug in the Remote Desktop Session Host (RDSH). The support article states:
[Remote Desktop Session Host (RDSH)] Users are unable to connect to the RDSH. This is because dwm.exe is no longer responding.
In addition, the RADIUS blast vulnerability (CVE-2024-3596) has been patched (see Blast RADIUS attack enables RADIUS authentication to be bypassed). I cannot say whether the two fixes have anything to do with the problem with the Remote Desktop Gateway service.
Windows Server 2016/2019
There were also security updates for the Windows Server versions mentioned here, which address vulnerabilities and bugs; see the blog posts Patchday: Windows 10/Server Updates (July 9, 2024) and Windows Server 2012 / R2 und Windows 7 (July 9, 2024).
Remote Desktop Gateway service broken
I have now received reports for almost all Windows Server versions that the Remote Desktop Gateway service is causing problems and crashing.
Windows Server 2022 RD Gateway service broken
German blog reader Christian wrote in this comment that he had to uninstall the cumulative update KB5040442 on a 2022 server. In his environment, the Remote Desktop Gateway service crashed regularly. Has anyone else made this observation?
Windows 11/Windows Server 2016
German blog reader Roland has posted a comment reporting problems connecting Windows 11 to the Remote Desktop Gateway service running on Windows Server 2016. While the RD connections are running with Windows 10, there are issues with Windows 11 clients. Roland has posted this entry from the Event Viewer log:
Eventlog RD-Gateway (Microsoft-Windows-TerminalServices-Gateway/Operational) reports with EventID 311:
The user "xxx", on client computer "yyy", did not connect to the following network resource: "zzz" because the remote computer does not support secure device redirection. Try selecting another network resource or possibly lower RD Gateway security by modifying RD CAP to allow client connections to resources that do not enforce device redirection.
According to Roland, you can adjust the Remote Desktop CAP (RD Connection Authorization Policies) so that it works again. However, this reduces security. If Central RD CAP is used, the Vendor-Specific-Attribute "TSG-Device-Redirection" must be adjusted, according to Roland. However, this is a single report so far. Are there any other readers with this problem?
Windows Server 2012 R2
A German blog reader with the alias WindowsFan posted a comment on July 10, 2024, writing that he had problems with the Remote Desktop Virtualization Host Agent service on a Windows Server 2012 R2 Core running Hyper-V systems. When creating new VDIs, the service crashed unexpectedly. As a result, the VDIs running on the host were no longer accessible for the CB. After uninstalling the KB5039294 update (June 2024 update), the problems no longer occur.
Noticed the same problem testing the update on a 2019 RD Gateway server. The GW service crashes several times in a row, then works fine for some time, then crashes again.
This is causing our org many issues, does anyone have any idea which updates on server 2016 might be the issue? On the one server exhibiting this issue the last updates were installed a few days ago but the issue only started this morning.
I updated all my Win 2022 servers last night (Friday July 12, 2024) with KB5040437 (July 2024) and I also have the same issue this morning! It seems the RD Gateway is having an issue.
When opening Server Manager, I have tons of red flags under RD Gate.
On the Hyper-V Host, I can connect to my session hosts — which is a kind of RDS treats session hosts as a type of RD Connection. That being said, the RD Gateway, from Internet side of the firewall / Gateway seems to be crashing.
I have my RD Gateway on its own server, I will try to uninstall KB5040437 on only the RD Gateway and hope the connections remain stable.
Server 2016, same issues with Gateway Service crashing and restarting, removed KB5040434 and disabled Windows Update Services for the time being. Seems stable today as a result. No word from Microsoft on the issue I assume?
Server 2016, same issues with Gateway Service crashing and restarting, removed KB5040434. Seems stable today as a result. We have opened Premier Support Case number 2407150050002801 !
I have 7 2022 servers (21H2), I can't install the update on any of them (They're virtual machines running on Nutanix Hypervisor). I set up a VM in a VMWare environment to check if it might be related to the Hypervisor platform since they're all fresh machines. I could install the update on the vmware machine, but it would just loop infinitely between a BSOD and restart ("Unknown Processor" error). I'll try another Server 2022 image later (e.g. 22H2) to check if this behavior is isolated to 21H2. Will block the update in patch management for now.
@AZYLIS how you getting on with PSS?
We are seeing the same issue on 2 of our four RDS Gateways (running 2022 STD).
Faulting application name: svchost.exe_TSGateway, version: 10.0.20348.2520, time stamp: 0xf862c7cb
Faulting module name: aaedge.dll, version: 10.0.20348.2582, time stamp: 0x78ded40f
Exception code: 0xc0000005
Fault offset: 0x000000000006613c
Faulting process id: 0x273c
Faulting application start time: 0x01dad77010a2bee1
Faulting application path: C:\WINDOWS\system32\svchost.exe
Faulting module path: c:\windows\system32\aaedge.dll
Report Id: d4502b05-b974-4660-bc13-5f2da108f403
Faulting package full name:
Faulting package-relative application ID:
and in TerminalServices-Gateway log:
The following exception code "3221225477" occured in the RD Gateway server. The RD Gateway will be restarted. No user action is required.
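The two log excerpts in the comment above record the same fault: 3221225477 is the decimal form of 0xc0000005 (access violation). As an added example (not from the commenter, the blog author or Microsoft), the following PowerShell parses the crash record, correlates it with the Gateway log entry and shows how the same check could be run on a gateway server. The function names are hypothetical, and the commented live query assumes the crash is logged as Application Error event 1000.

```powershell
# Added example: correlate the two RD Gateway crash records quoted on this page.
# Function names are hypothetical; sample text is copied from the comment above.

function Get-FaultSignature {
    # Parse an Application Error message into faulting app, module and exception code.
    param([Parameter(Mandatory)][string]$Message)
    $sig = [ordered]@{ App = $null; Module = $null; Code = $null }
    switch -Regex ($Message -split "`r?`n") {
        '^Faulting application name:\s*([^,]+)' { $sig.App    = $Matches[1].Trim() }
        '^Faulting module name:\s*([^,]+)'      { $sig.Module = $Matches[1].Trim() }
        '^Exception code:\s*(0x[0-9a-fA-F]+)'   { $sig.Code   = [Convert]::ToUInt32($Matches[1], 16) }
    }
    [pscustomobject]$sig
}

function Test-IsRdGatewayCrash {
    # True when the fault matches the signature reported in the comments:
    # the TSGateway svchost instance faulting inside aaedge.dll.
    param([Parameter(Mandatory)]$Signature)
    $Signature.App -eq 'svchost.exe_TSGateway' -and $Signature.Module -eq 'aaedge.dll'
}

# Sample records (shortened copies of the lines posted in the comment).
$appError = @'
Faulting application name: svchost.exe_TSGateway, version: 10.0.20348.2520, time stamp: 0xf862c7cb
Faulting module name: aaedge.dll, version: 10.0.20348.2582, time stamp: 0x78ded40f
Exception code: 0xc0000005
'@
$gwLog = 'The following exception code "3221225477" occured in the RD Gateway server.'

$sig    = Get-FaultSignature -Message $appError
$gwCode = if ($gwLog -match 'exception code "(\d+)"') { [uint32]$Matches[1] }

'{0} / {1}: 0x{2:x8}, same exception as Gateway log: {3}' -f `
    $sig.App, $sig.Module, $sig.Code, ($sig.Code -eq $gwCode)
"Matches reported signature: $(Test-IsRdGatewayCrash $sig)"

# On a live gateway (assumption: the crash is logged as Application Error, event 1000):
# Get-WinEvent -FilterHashtable @{LogName='Application'; ProviderName='Application Error'; Id=1000} |
#     ForEach-Object { Get-FaultSignature $_.Message } |
#     Where-Object { Test-IsRdGatewayCrash $_ }
# KB numbers named on this page for Server 2022, 2016 and 2019:
# Get-HotFix -Id KB5040437, KB5040434, KB5040430 -ErrorAction SilentlyContinue
```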
Microsoft says till now to uninstall the update, this is the only thing that I have now from Premier Support !!!… wait & see…
@Mess, if you uninstall the update, you don't have the problem anymore…
Updates are not tested with all roles, this is not possible otherwise, because if that were the case, it would not happen
Server 2016 environment here. Uninstall of KB5040434 and a reboot, solved the issue for our gateways. Thanks for sharing the details!
In the release of KB5040430 for Windows Server 2019 Microsoft is still not reporting any problems, do you know if they are working on it? Thanks
I wrote this night a follow up article in German – where I mentioned, that MS seems to have withdrawn the updates for Windows Server. The English blog post will follow on Friday. My understanding is, that Microsoft is aware of this flaw.
We faced issues with checkpoint VPN after installing this patch; our users were not able to connect to checkpoint VPN. We had to uninstall it, and it started working (KB5040434).