Windows October 2024 updates cause OpenSSH issues

Posted on 2024-10-17 by guenni

Windows[German]Microsoft has delivered several updates on October 2024 Patchday (update KB5044273 for Windows 10 22H2 for instance). The cumulative update also updates OpenSSH for Windows, which can lead to various problems. Users of Yubikey appear to be affected by this update, as has been reported.

Advertising

A reader report

Blog reader KAnaguma has reported in this comment that the cumulative update KB5044273 for Windows 10 updates the "OpenSSH_for_Windows_8.1p0" library to "OpenSSH_for_Windows_9.5p1" (is mentioned briefly in the post Microsoft Security Update Summary (October 8, 2024)).

Windows 10 Update KB5044273

Cumulative Update KB5044273 for Windows 10 Version 21H1 – 22H2 contains various security improvements for internal operating system functions, according to Microsoft (Microsoft Security Update Summary (October 8, 2024)). In the meantime, Microsoft has confirmed a problem (black screen displayed when logging on to Azure Virtual Desktop (AVD)). Microsoft claims to have fixed this bug with a Known Issue Rollback (KIR).

Updates fixes OpenSSH RCE vulnerability CVE-2024-43581

The above update KB5044273 and other Windows updates from October 8, 2024 close the Remote Code Execution vulnerability CVE-2024-43581 i in OpenSSH for Windows. This is rated with a CVSS 3.1 score of 7.1 (High). Rapid 7 lists the affected Windows updates (Windows 10/11, Windows Server 2019/2022) in this document.

To exploit the vulnerability, the attacker must drop a malicious file in a local folder and trick the user into performing a specific file management operation. The complexity of the attack is estimated to be high.

Problems with OpenSSH_for_Windows_9.5p1

The update of the OpenSSH_for_Windows_9.5p1 package seems to cause problems in various places.

Advertising

OpenSSH service no longer starts

On reddit.com, a user with the alias Big-Admin reports that the cumulative updates for Windows Server 2019 and Windows Server 2022 also contain a new OpenSSH to close CVE-2024-43581. As a result, their OpenSSH service was corrupted in the respective Windows versions and no longer starts.

Uninstalling this patch helps and is a working workaround. However, the user in question has found a second fix and writes that deleting the log files in the folder:

C:\PROGRAMDATA\SSH\

have solved the problem. The OpenSSH service starts again for him.

OpenSSH problems with PIV/PKCS11 certificate

Blog reader KAnaguma writes here that the installation of update KB5044273 causes the recognition of the PIV/PKCS11 certificate on a Yubikey used by the user for authentication to stop working. According to this bug report, the issue in OpenSSH_for_Windows_9.5p1 has been known at Yubikey since the beginning of July 2024.

The affected person states that authentication via Yubikey on the Windows Terminal and also with VSCode under Windows 10 and Windows 11 is no longer possible. The current solution is to uninstall the KB5044273 update – but this causes permanent problems.

Advertising
This entry was posted in issue, Update, Windows and tagged , , . Bookmark the permalink.

One Response to Windows October 2024 updates cause OpenSSH issues

  1. ronn wosl says:
    2024-10-18 at 10:02

    Dear Support Team,

    I hope this message finds you well. I am writing to urgently request assistance regarding connectivity problems I have been experiencing with VPN and DirectAccess in Windows 11 24H2.

    VPN Connection Issues:
    Frequent Disconnections: I am encountering regular disconnections, which disrupt my workflow.
    Slow Connection Speeds: The performance of the VPN is significantly slower than expected, affecting my productivity.
    DNS Leaks: There are concerns that DNS queries are not routing properly through the VPN.
    https://community.automationdirect.com/s/question/0D5PE00000NmSZw0AN/swift-simple-name-change-process-on-ticketdial-for-help

    Compatibility Problems: The VPN client seems to have compatibility issues with Windows 11, resulting in connectivity failures.
    DirectAccess Problems:
    Configuration Challenges: Setting up DirectAccess has proven to be complex, leading to multiple configuration hurdles.
    Authentication Failures: I have faced several authentication issues that prevent successful connections.
    Limited Network Access: Even when connected, I often find myself unable to access essential network resources.
    Intermittent Connectivity: The connection drops sporadically, disrupting my tasks.
    These issues are significantly impacting my ability to work effectively, and I would greatly appreciate any guidance or solutions you can provide to resolve them.

    Thank you for your prompt attention to this matter. I look forward to your assistance.

    Best regards,

    Ronn

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).