{"id":22888,"date":"2022-01-12T00:52:43","date_gmt":"2022-01-11T23:52:43","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=22888"},"modified":"2022-01-13T04:24:37","modified_gmt":"2022-01-13T03:24:37","slug":"patchday-windows-8-1-server-2012-r2-updates-11-januar-2022-mgliche-boot-probleme","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2022\/01\/12\/patchday-windows-8-1-server-2012-r2-updates-11-januar-2022-mgliche-boot-probleme\/","title":{"rendered":"Patchday: Windows 8.1\/Server 2012 R2 Updates (January 11, 2022), boot loop reported"},"content":{"rendered":"

\"Windows\"[German<\/a>]As of January 11, 2022, Microsoft has released various updates for Windows 8.1. These security updates are also available for Windows Server 2012 R2. I have already received information from a blog reader that a boot loop has occurred with domain controllers. Here is some information on the Monthly Rollup and Security only updates for this operating system.<\/p>\n

<\/p>\n

Updates for Windows 8.1 and Windows Server 2012 R2<\/h2>\n

\"\"A rollup and security-only update have been released for Windows 8.1 and Windows Server 2012 R2. The update history for Windows 8.1 and Windows Server 2012 R2 can be found on this Microsoft page<\/a>.<\/p>\n

KB5009624 (Monthly Rollup) for Windows 8.1\/Server 2012 R2<\/h3>\n

Update KB5009624<\/a> (Monthly Rollup for Windows 8.1 and Windows Server 2012 R2) contains improvements and fixes, and addresses the following.<\/p>\n

Addresses a Windows Server issue in which Active Directory attributes are not written correctly during a Lightweight Directory Access Protocol (LDAP) modify operation with multiple specific attribute changes.<\/p><\/blockquote>\n

This update is automatically downloaded and installed by Windows Update, but is also available from the Microsoft Update Catalog<\/a> and via WSUS. If installing manually, the latest Servicing Stack Update (SSU KB5001403<\/a>) must be installed beforehand – although this SSU cannot be uninstalled.<\/p>\n

Microsoft is aware of the following issue related to the update: Certain operations, such as renaming, that you perform for files or folders on a Cluster Shared Volume (CSV) may fail with the error \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\". This occurs when you perform the operation on a CSV owner node from a process that does not have administrator privileges. The KB article suggests a workaround to fix this. Details can be found in the KB article.<\/p>\n

KB5009595 (Security-only update) for Windows 8.1\/Server 2012 R2<\/h3>\n

Update KB5009595<\/a> (Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2) addresses the same issues as update KB5009624<\/a>. The update is distributed via WSUS (but not via Windows Update) or is available from the Microsoft Update Catalog<\/a>. In case of a manual installation, the latest Servicing Stack Update (SSU) KB5001403<\/a> must be installed beforehand. In addition, the Internet Explorer 11 security update KB5006671<\/a> from Oct. 2021 (if not already available) should be installed.<\/p>\n

Boot loop on DCs reported<\/h3>\n

German blog reader John L. contacted me via email a few hours ago about issues with the Jan 2022 update in conjunction with Windows Server 2012 R2. In his case, 2 domain controllers went into a boot loop because LSASS.exe throws an error 0xc0000005 (access violation). Here is his advice (thanks for that – I've translated his German text).<\/p>\n

Hello G\u00fcnter,<\/p>\n

if you get several messages (as mine one) that 2012R2 is stuck in a bootloop loop after the patchday, this could possibly be due to the fact that after installing the KB's from today (no idea which one yet) LSASS.EXE crashes with 0xc0000005.<\/p>\n

\"\"Name of the corrupted application: lsass.exe, version: 6.3.9600.17415, timestamp: 0x545042fe
\nName of the corrupt module: msv1_0.DLL, version: 6.3.9600.20239, timestamp: 0x61c1a5c8
\nException Code: 0xc0000005
\nFehleroffset: 0x0000000000002663
\nID of the faulty process: 0x1f4
\nStart time of the faulty application: 0x01d8072ac5b2c15a
\nPath of the faulty application: C:\\Windows\\system32\\lsass.exe
\nPath of the corrupted module: C:\\Windows\\system32\\msv1_0.DLL
\nBerichtskennung: afc36fda-7320-11ec-813a-00155d012601
\nFull name of the corrupted package:
\nApplication ID relative to the corrupted package: \"\".<\/p>\n

This will cause an immediate bootloop.<\/p>\n

I want to advise against rolling back snapshots, especially for DC's, to avoid provoking USN rollbacks.<\/p>\n

Workaround:<\/p>\n

Prevent one of the two DC's from booting, then uninstall today's hotfixes first on one and then on the other DC.<\/p><\/blockquote>\n

I haven't found any other hits in a search yet. Addendum: There is a 2nd issue that's reported by blog readers:<\/p>\n

On all Windows 2012 R2 servers, all ReFs volumes are in RAW format after installation.<\/p>\n

The cause seems to be KB5009624. After uninstalling the update and rebooting the server, the drives are present again.<\/p><\/blockquote>\n

Addendum:<\/strong> I've published a separate article Windows Server: January 2022 security udpdates are causing DC boot loop<\/a>, because other Windows Server DC versions are also affected.<\/p>\n

Updates for Windows Server 2012<\/h2>\n

A rollup and a security-only update have been released for Windows Server 2012 and Windows Embedded 8 Standard. The update history for Windows 8.1 and Windows Server 2012 R2 can be found on this Microsoft page<\/a>.<\/p>\n

KB5009586 (Monthly Rollup) for Windows Server 2012<\/h3>\n

Update KB5009586<\/a> (Monthly Rollup for Windows Server 2012, Windows Embedded 8 Standard) contains improvements and fixes, and addresses the same issues as update KB5009624<\/a>. This update is automatically downloaded and installed by Windows Update, but is also available from the Microsoft Update Catalog<\/a>\u00a0 and via WSUS. If installing manually, the latest Servicing Stack Update (SSU KB5001401<\/a>) must be installed beforehand – although this SSU cannot be uninstalled. This update have the same known issues as the updates listed above.<\/p>\n

KB5009619 (Security-only update) for Windows Server 2012<\/h3>\n

Update KB5009619<\/a> (Security Only Quality Update for Windows Server 2012, Windows Embedded 8 Standard) addresses the same issues as update KB5009624<\/a>.\u00a0 The update is distributed via WSUS (but not via Windows Update) or is available in the Microsoft Update Catalog<\/a>. In case of a manual installation, the latest Servicing Stack Update (SSU) KB5001401<\/a> must be installed first. In addition, if not already available, the Internet Explorer 11 security update KB5006671<\/a> from Oct. 2021 should be installed.<\/p>\n

Similar articles:
\n<\/strong>Microsoft Office Updates (January 4, 2022)<\/a>
\nMicrosoft Security Update Summary (January 11, 2022)<\/a>
\nPatchday: Windows 8.1\/Server 2012 R2 Updates (January 11, 2022), boot loop reported<\/a>
\nPatchday: Windows 10 Updates (January 11, 2022)<\/a>
\nPatchday: Windows 11 Updates (January 11, 2022)<\/a>
\nPatchday: Updates for Windows 7\/Server 2008 R2 (January 11, 2022)<\/a><\/p>\n

Windows Server: January 2022 security updates are causing DC boot loop<\/a>
\nWindows VPN connections (L2TP over IPSEC) broken after January 2022 update<\/a>
\nWindows Server 2012\/R2: January 2022 Update KB5009586 bricks Hyper-V Host<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

[German]As of January 11, 2022, Microsoft has released various updates for Windows 8.1. These security updates are also available for Windows Server 2012 R2. I have already received information from a blog reader that a boot loop has occurred with … Continue reading →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[463,580,2],"tags":[2700,69,195,567],"class_list":["post-22888","post","type-post","status-publish","format-standard","hentry","category-issue","category-security","category-windows","tag-patchday-1-2022","tag-security","tag-update","tag-windows-server-2012-r2"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/22888","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=22888"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/22888\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=22888"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=22888"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=22888"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}