{"id":34501,"date":"2024-07-19T00:01:55","date_gmt":"2024-07-18T22:01:55","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=34501"},"modified":"2024-07-18T16:53:51","modified_gmt":"2024-07-18T14:53:51","slug":"workaround-for-broken-windows-remote-desktop-gateway-service-after-july-2024-updates","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2024\/07\/19\/workaround-for-broken-windows-remote-desktop-gateway-service-after-july-2024-updates\/","title":{"rendered":"Workaround for broken Windows Remote Desktop Gateway service after July 2024 updates"},"content":{"rendered":"

\"Windows\"[German<\/a>]There are some issues with the security updates that Microsoft rolled out for Windows on July 9, 2024. I have received some reports that the Remote Desktop Gateway service is broken under some Windows versions (Windows Server 2019, Windows Server 2022) and regularly crashes. This prevents remote connections. A blog reader has now pointed me to a possible workaround that keeps the Remote Desktop Gateway service alive, so that the uninstallation of the July 2024 security update in question may not be necessary.<\/p>\n

<\/p>\n

Remote Desktop Gateway service broken<\/h2>\n

\"\"The security updates from July 9, 2024 are definitely causing collateral damage to the Remote Desktop Gateway service. German blog reader Christian wrote in this German comment<\/a> that he had to uninstall the cumulative update KB5040442<\/a> on a 2022 server. I had extracted the various user reports and a description of the situation in the blog post Windows July 2024 updates break remote connections<\/a>.<\/p>\n

As a result, other users confirmed the same problem under Windows Server 2019. In this German comment<\/a>, Chris wrote that the TSGateway service under Windows Server 2019 is automatically terminated at irregular intervals (3 – 45 minutes). The following error is reported in the application log:<\/p>\n

Faulting application name: svchost.exe_TSGateway, version: 10.0.17763.3346, time stamp: 0xb6a0daab
\nFaulting module name: aaedge.dll, version: 10.0.17763.6054, time stamp: 0xce1c5805<\/p><\/blockquote>\n

The following error entry is then stored in the system log.<\/p>\n

The Remote Desktop Gateway service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.<\/p><\/blockquote>\n

There is further confirmation of this bug caused by the July 2022 update in question in the comments to the blog post linked above. Andy writes here<\/a> that Microsoft has already withdrawn the July 2024 updates for Windows Server. However, it does not seem to affect every Windows Server, in this comment<\/a> says there are not issues.<\/p>\n

Workaround for the problem?<\/h2>\n

Blog reader Magican posted this comment<\/a> on the article Patchday: Windows 10\/Server-Updates (9. Juli 2024)<\/a> and wrote: \"Here is the according MS article with a temporary solution\". The reader referred to the article July 07-2024 Updates Break Remote Desktop Gateway Servers<\/a> in the Microsoft Q&A section (Microsoft Learn). There someone writes the following about July 16, 2024:<\/p>\n

July 07-2024 Updates Break Remote Desktop Gateway Servers<\/p>\n

We are seeing the issue on 2 of our four RDS Gateways (running 2022 STD).<\/p>\n

Faulting application name: svchost.exe_TSGateway,
\nversion: 10.0.20348.2520,
\ntime stamp: 0xf862c7cb
\nFaulting module name: aaedge.dll,
\nversion: 10.0.20348.2582,
\ntime stamp: 0x78ded40f
\nException code: 0xc0000005
\nFault offset: 0x000000000006613c
\nFaulting process id: 0x273c
\nFaulting application start time: 0x01dad77010a2bee1
\nFaulting application path: C:WINDOWS\\system32\\svchost.exe
\nFaulting module path: c:windows\\system32\\aaedge.dll
\nReport Id: d4502b05-b974-4660-bc13-5f2da108f403
\nFaulting package full name:
\nFaulting package-relative application ID:<\/p>\n

and in TerminalServices-Gateway log:
\nThe following exception code \"3221225477\" occured in the RD Gateway server. The RD Gateway will be restarted. No user action is required.<\/p>\n

The results of these crashes are that all users connected via the affected gateway are immediately disconnected and must reconnect. Obviously very disruptive when its happening every 30 or so minutes!<\/p><\/blockquote>\n

As soon as the relevant July 2024 update is uninstalled, the problem is resolved. At first glance, this would simply be a confirmation of the facts described above, albeit supplemented by a few notes from the bug report. However, the thread is quite interesting because a user by the name of Karlie Weng, who describes himself as a \"Microsoft vendor\", has come forward. Weng states that they have found a workaround for the crashes and writes about it.<\/p>\n

It appears that the problem is linked to the RPC-over-HTTP transport mechanism that the RDClient used to establish a connection with the Gateway.<\/p>\n

As a temporary solution, you might want to try one of the following options:<\/p>\n

    \n
  1. On your Remote Desktop Gateway (RD Gateway), create a new firewall rule to block incoming traffic on port 3388. Ensure the rule specifies \"Deny\" or \"Block\" to effectively prevent access.<\/li>\n
  2. From all Windows client machines, delete the registry entry associated with RDGClientTransport. The specific path to this entry is: HKCU\\SOFTWARE\\Microsoft\\Terminal Service Client\\RDGClientTransport.<\/li>\n<\/ol>\n

    Please proceed with caution when modifying firewall rules and registry entries, as these changes can affect system functionality. It's recommended to back up relevant configurations before making any alterations.<\/em><\/p><\/blockquote>\n

    It is unclear to me at this point whether the fix works and is applicable at all. Deleting a registry entry can only be done like this on individual machines. And in replies to Weng's post, a user asks which RDP clients normally use this transport? And if the transport is disabled, what alternative transport is used? But perhaps one of the readers concerned has the opportunity to test this and can give feedback as to whether it helps.<\/p>\n

    Similar articles:
    \n<\/strong>    Microsoft Security Update Summary (July 9, 2024)<\/a>
    \n    Patchday: Windows 10\/Server Updates (July 9, 2024)<\/a>
    \n    Patchday: Windows 11\/Server 2022-Updates (July 9, 2024)<\/a>
    \n    Windows Server 2012 \/ R2 und Windows 7 (July 9, 2024)<\/a>
    \n    Microsoft Office Updates (July 9, 2024)<\/a>
    \n    Windows 11 update KB5040442 causes issues with Outlook 2021<\/a>
    \n    Windows July 2024 updates break remote connections<\/a>
    \n    Windows 10\/11 updates (e.g. KB5040442) trigger Bitlocker queries (July 2024)<\/a>
    \n    Windows Update July 2024: Are there issues with Radius authentications?<\/a>
    \n    July 2024 security update KB5040427 crashes Windows 10\/Server LPD printing service<\/a>
    \n    Microsoft's fixes for various Windows bugs (July 2024)<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

    [German]There are some issues with the security updates that Microsoft rolled out for Windows on July 9, 2024. I have received some reports that the Remote Desktop Gateway service is broken under some Windows versions (Windows Server 2019, Windows Server … Continue reading →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[463,22,2],"tags":[47,2863,195,194],"class_list":["post-34501","post","type-post","status-publish","format-standard","hentry","category-issue","category-update","category-windows","tag-issue","tag-patchday-7-2024","tag-update","tag-windows"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/34501","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=34501"}],"version-history":[{"count":1,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/34501\/revisions"}],"predecessor-version":[{"id":34502,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/34501\/revisions\/34502"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=34501"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=34501"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=34501"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}