Search the Community

Microsoft found even more bugs in the recently released Patch Tuesday updates for Windows 11 version 24H2. This week, the company acknowledged that in certain scenarios, users might find themselves with broken Windows Hello biometric authentication or PIN. Now, another issue has shown up in the official documentation, this time with much more serious symptoms. According to Microsoft, April 2025 security updates for Windows 11 version 24H2 cause blue screens of death when restarting computers. In such scenarios, Windows 11 shows error code 0x18B "SECURE_KERNEL_ERROR." Here is what Microsoft says in the official documentation: Fortunately, users should not worry about this too much. Microsoft applied a temporary workaround using the Known Issue Rollback system, which, when deployed, removes problematic code bits to undo damage on affected systems. For regular users and non-managed environments, there is nothing to do at this point. You can restart your system to speed up the process and let the patch propagate faster (fixes usually take up to 24 hours to reach all target systems). In managed environments, though, IT Admins have to deploy Known Issue Rollback patches with special policies. For this particular case, the necessary policy is available in the official documentation. In addition to problems with Windows Hello cameras (some users report more issues with IR cameras besides what Microsoft confirmed), two other known bugs remain standing in the latest Windows 11 updates. One prevents users from launching Roblox on ARM systems when downloaded from the Microsoft Store, and another causes problems with installing security updates with certain versions of Citrix software. Source Hope you enjoyed this news post. Thank you for appreciating my time and effort posting news every day for many years. News posts... 2023: 5,800+ | 2024: 5,700+ | 2025 (till end of March): 1,357 RIP Matrix | Farewell my friend

Microsoft says that some customers might experience Remote Desktop and RDS connection issues after installing recent Windows updates released since January 2025. "After installing the January 2025 Windows preview update (KB5050094) and later updates, users might experience unexpected disconnections with Remote Desktop Protocol (RDP) sessions, including Remote Desktop Services (RDS)," the company said in a new entry on the Windows release health dashboard. "We've observed a significant increase in reports of this issue following the release of the March 2025 Windows security update (KB5053598)." Affected users may experience unexpected RDP disconnections after 65 seconds when establishing UDP connections from Windows 11 24H2 PCs to RDS hosts on systems running Windows Server 2016 earlier. While Windows Server 2025 systems are not directly affected as RDS hosts, users may still experience disconnects when acting as RDP clients connecting to older servers. Fixed via Known Issue Rollback Microsoft has resolved these Remote Desktop issues via Known Issue Rollback (KIR), a Windows feature designed to reverse buggy non-security updates delivered via Windows Update. To resolve the known issue on impacted Windows enterprise-managed devices, admins must install and set up the Windows 11 24H2 and Windows Server 2025 KB5053598 250314_20401 Known Issue Rollback group policy. After installation, the Group Policy can be found under Computer Configuration > Administrative Templates. To deploy the Known Issue Rollback on affected endpoints, you must go to the Local Computer Policy or the Domain policy on the domain controller using the Group Policy Editor to choose the Windows version that needs to be targeted. Next, restart impacted devices to apply the group policy setting. IT admins can find additional guidance on deploying and configuring KIR Group Policies on the Microsoft support website. Redmond says a permanent fix will roll out automatically with a future Windows update, and organizations will no longer need to install and configure the Group Policy to address this known issue once the update is released. Source Hope you enjoyed this news post. Thank you for appreciating my time and effort posting news every day for many years. News posts... 2023: 5,800+ | 2024: 5,700+ | 2025 (till end of February): 874 RIP Matrix | Farewell my friend

On October 22, 2024, Microsoft released the latest non-security update for Windows 11 version 23H2 under KB5044380, also known as builds 22621.4391 and 22631.4391. The update introduced several useful improvements and changes, including battery drain fixes, Copilot key remapping, new settings for notifications, and more. Unfortunately, the update also wrecks some things. Microsoft has updated the official KB5044380 article and acknowledged that the update is breaking OpenSSH (Open Secure Shell), preventing SSH connections: According to Microsoft, the bug affects all users with KB5044380, including enterprise, IoT, education, and home customers. However, Microsoft also added that the number of impacted devices is "limited." Another good thing is that there is a workaround, which you can apply to temporarily resolve the problem. The company says that updating permissions on the affected directories should fix the problem. You can do so by executing the following command in elevated PowerShell: $directoryPath = "C:\ProgramData\ssh" $acl = Get-Acl -Path $directoryPath $sddlString = "O:BAD:PAI(A;OICI;FA;;;SY)(A;OICI;FA;;;BA)(A;OICI;0x1200a9;;;AU)" $securityDescriptor = New-Object System.Security.AccessControl.RawSecurityDescriptor $sddlString $acl.SetSecurityDescriptorSddlForm($securityDescriptor.GetSddlForm("All")) Set-Acl -Path $directoryPath -AclObject $acl Microsoft also recommends doing the same for C:\ProgramData\ssh\logs. As of right now, Microsoft is investigating the issue, and a resolution will be available in a future Windows Update. Although the bug does not affect Windows 11 version 24H2, it has its own share of problems with the latest non-security update. Microsoft recently confirmed that Task Manager in KB5044384 is not displaying the correct number of running applications and processes. Microsoft also paused the rollout of the new controller keyboard due to unknown issues and bugs (it is now available in Canary builds). Source Hope you enjoyed this news post. Thank you for appreciating my time and effort posting news every day for many years. 2023: Over 5,800 news posts | 2024 (till end of October): 4,832 news posts RIP Matrix | Farewell my friend

Microsoft has updated the official Windows documentation with details about a newly discovered bug in the recent Windows 10 updates. According to the company, some Windows 10 devices within enterprise networks might experience problems with using Microsoft Connected Cache nodes, resulting in an increase in download traffic from the public internet. For context, Microsoft Connected Cache is a feature (currently in preview) that offers software-based caching to deliver "Microsoft content" across enterprise or education networks. Companies can use Microsoft Connected Cache to distribute Windows updates, Office Click-to-Run apps, Microsoft 365 App updates, client apps, and definition updates for Windows Defender. Internet service providers can also use MCC to reduce network bandwidth usage for Microsoft products. Microsoft says the Connected Cache feature is for companies who want to "move towards modern management and away from Configuration Manager Distribution points." The discovered bug in Windows 10 affects systems with versions 21H2 and 22H2 with KB5034203 (the January 2024 non-security update) or later. It is most likely to hit computers with DHCP Option 235, causing them to download updates and apps from outside their companies' networks. The problem does not affect home users since Microsoft Connected Cache is a feature made specifically for internet service providers and enterprise and education environments (some home users are currently dealing with other sorts of issues). Microsoft is working on resolving the problem with Microsoft Connected Cache nodes in Windows 10, and a fix should arrive in one of the upcoming updates. Meanwhile, IT admins can mitigate the problem using one of the following two options: You can find more information about Microsoft Connected Cache in the official documentation. Source

Last week, Microsoft released its Patch Tuesday updates for March 2024 (Windows 10 / Windows 11). The latter fixes a 0x800F0922 error, which was an artifact of a previous buggy update. While the tech giant has not confirmed any major issues related to its Windows 10 and 11 Patch Tuesday updates, it has documented a major issue with the Server release. The company has confirmed an LSASS (Local Security Authority Subsystem Service) memory leak bug on domain controllers (DCs) while carrying out Kerberos authentication requests. Microsoft says that in extreme scenarios, the memory leak bug can lead to the crashing of LSASS, which means an unscheduled reboot is triggered, much to the annoyance of IT and system administrators and users alike. The LSASS helps authenticate users for local and remote sign-ins and enforce local security policies to prevent code injection that could lead to the compromise of credentials. It is part of the Local Security Authority (LSA) process. On its Windows health dashboard website, Microsoft explains: The good news is that the root cause has been identified, says Microsoft, and that it is working on a fix, which should be out in a few days. You may find more details about the issue on this page on Microsoft's Windows health website. Source

Issues seem to be related to security fixes made in Apple's latest OS. A couple of weeks ago, Apple released macOS Sonoma 14.4 with the usual list of bug fixes, security patches, and a couple of minor new features. Since then, users and companies have been complaining of a long list of incompatibilities, mostly concerning broken external accessories like USB hubs and printers but also extending to software like Java. MacRumors has a good rundown of the list of issues, which has been steadily getting longer as people have run into more problems. It started with reports of malfunctioning USB hubs, sourced from users on Reddit, the Apple Support Communities forums, and elsewhere—USB hubs built into various displays stopped functioning for Mac users after the 14.4 update. Other issues surfaced in the days after people started reporting problems with their USB hubs, including some instances of broken printer drivers, unexpected app crashes for some Java users, and problems launching apps that rely on the PACE anti-piracy software (and iLok hardware dongles) to authenticate. At least some of the problems seem localized to Apple Silicon Macs. In fact, iLok recommends running digital audio software in Rosetta mode as a temporary stopgap while Apple works on a fix. According to iLok, Apple has acknowledged this particular bug and is working on an update, but "[has] not indicated a timeline." The USB hub issue may be related to the USB security prompts that Apple introduced in macOS 13 Ventura, asking users to confirm whether they wanted to connect to USB-C accessories that they were connecting to their Mac for the first time. Some users have been able to get their USB hubs working again after the 14.4 update by making macOS request permission to connect to the accessory every time the accessory is plugged in; the default behavior is supposed to recognize USB devices that you've already connected to once. Scanning Apple's release notes or security update disclosures for the update doesn't reveal any smoking guns, but many of the security bugs were addressed with "improved checks" and "improved access permissions," and it's certainly possible that some legitimate accessories and software were broken by one or more of these changes. The Oracle blog post about the Java problems refers to memory access issues that seem to be causing the crashes, though that may or may not explain the problems people are having with external accessories. The blog post also indicates that these bugs weren't present in the public developer betas of macOS 14.4. My desktop M2 Mac Studio setup, which is connected to a 4K Gigabyte M28U with a built-in USB hub, hasn't exhibited any unusual behavior since the update, so it's also possible that these issues aren't affecting every user of every Mac. If you haven't updated yet, it may be worth waiting until Apple releases fixes for some or all of these issues, even if you don't think you'll be affected. Source

Microsoft released Patch Tuesday updates on Windows 10 (KB5027215, among others), and Windows 11 (KB5027231) on June 13, which was the second Tuesday of the month. The update addressed security issues, among other bugs. Aside from OS security, Patch Tuesday also fixed security issues in Office 2013 and 2016, for both 32-bit and 64-bit versions. The company also announced the arrival of a full-screen notice about Windows Hello that will now be displayed on both Windows 11 as well as Windows 10. And as is often the case, there are major bugs affecting it as well. On Windows 11, Patch Tuesday was causing Malwarebytes to go a bit haywire and block Google Chrome. Meanwhile, users reported that Windows 10 updates were having installation issues. Microsoft has now also patched an issue related to how the .NET Framework runtime update on June 13 would affect the imports of X.509 Certificates. Unlike how they functioned before, there the additional validation could now lead to CryptographicException error. Description of change Prior to the June 13, 2023, change, when .NET Framework and .NET is presented with a binary certificate blob for import, .NET Framework and .NET would typically delegate validation and import of the blob to the underlying OS. For example, on Windows, .NET Framework and .NET would typically rely on the PFXImportCertStore API for validation and import. As of the June 13, 2023, change, when .NET Framework and .NET is presented with a binary certificate blob for import, .NET Framework and .NET will in some circumstances perform additional validation before handing the blob to the underlying OS. This additional validation performs a series of heuristic checks to determine if the incoming certificate would maliciously exhaust resources upon import. Since this is additional validation beyond what the underlying OS would normally perform, it may block certificate blobs which would have successfully imported prior to the June 13, 2023, change. Microsoft has also detailed the symptoms of the issue: Symptom When using the X509Certificate, X509Certificate2, or X509Certificate2Collection class to import a PKCS#12 blob containing a private key, the calling application may observe the below exception. System.Security.Cryptography.CryptographicException: PKCS12 (PFX) without a supplied password has exceeded maximum allowed iterations. This failure affects PKCS#12 blobs which have been exported [e.g., via X509Certificate.Export(X509ContentType.Pfx)] without a password. The failure may occur non-deterministically. A workaround for the problem had been deployed on affected systems, though the company states that any registry changes made to work around the problem must be reverted: Workaround Microsoft has released updated installers for .NET Framework and .NET to address this issue. These installers can be applied to the affected machine regardless of whether the machine has already applied the original June 13, 2023, .NET Framework and .NET security updates. Important: If you previously used the registry switches documented at KB5025823 Change in how .NET applications import X.509 certificates to work around this issue, please remove those registry switches before installing the new patch. Run the two commands below from an elevated command prompt to remove the registry switches. reg delete "HKLM\Software\Microsoft\.NETFramework" /v Pkcs12UnspecifiedPasswordIterationLimit /reg:32 reg delete "HKLM\Software\Microsoft\.NETFramework" /v Pkcs12UnspecifiedPasswordIterationLimit /reg:64 These issues are addressed on Windows 10 as well as Windows 11, and more with the following out-of-band updates that can be manually downloaded from the Microsoft Update Catalog website. Product Version Update Windows 11, version 22H2 .NET Framework 4.8.1 Catalog 5028576 Windows 11, version 21H2 .NET Framework 4.8 Catalog 5028582 .NET Framework 4.8.1 Catalog 5028575 Windows Server 2022 .NET Framework 4.8 Catalog 5028584 .NET Framework 4.8.1 Catalog 5028578 Azure Stack HCI, version 22H2 .NET Framework 4.8 Catalog 5028584 Azure Stack HCI, version 21H2 .NET Framework 4.8 Catalog 5028584 Windows 10 Version 22H2 .NET Framework 4.8 Catalog 5028579 .NET Framework 4.8.1 Catalog 5028574 Windows 10 Version 21H2 .NET Framework 4.8 Catalog 5028579 .NET Framework 4.8.1 Catalog 5028574 Windows 10 1809 (October 2018 Update) and Windows Server 2019 .NET Framework 4.7.2 Catalog 5028588 .NET Framework 4.8 Catalog 5028581 Windows 10 1607 (Anniversary Update) and Windows Server 2016 .NET Framework 4.8 Catalog 5028580 Windows Embedded 8.1 and Windows Server 2012 R2 .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 Catalog 5028590 .NET Framework 4.8 Catalog 5028585 Windows Embedded 8 and Windows Server 2012 .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 Catalog 5028589 .NET Framework 4.8 Catalog 5028583 Windows Embedded 7 Standard and Windows Server 2008 R2 SP1 .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 Catalog 5028591 .NET Framework 4.8 Catalog 5028586 all supported Windows versions .NET 6.0.19 Catalog 5028613 .NET 7.0.8 Catalog 5028614 You may find more details about the issue on Microsoft's official website on this page (KB5028608). Source

It was the second Tuesday of the month this week and as such, Microsoft released Patch Tuesday updates on Windows 10 (KB5027215, among others), and Windows 11 (KB5027231). The update addressed security issues, among other bugs, and as is often the case, there are major bugs affecting it as well. On Windows 11, Patch Tuesday was causing Malwarebytes to go a bit haywire and block Google Chrome. Meanwhile, users reported that Windows 10 update is having installation issues. While at the time of writing this article, Microsoft is yet to confirm and document either of these bugs, the company has announced that a kernel patch that was released on all versions of Windows, both 10 and 11, has the potential to break the OS. This issue was being tracked under ID "CVE-2023-32019". The patch notes on the update read: This update addresses an issue that affects the Windows Kernel. This issue is related to CVE-2023-32019. Microsoft gave additional information about the issue on a knowledge base support document on its website. However, since the release of the update, the company has added a portion to the support page which adds that the change has been disabled by default with an option added to enable it. The company explains: IMPORTANT The resolution described in this article introduces a potential breaking change. Therefore, we are releasing the change disabled by default with the option to enable it. In a future release, this resolution will be enabled by default. We recommend that you validate this resolution in your environment. Then, as soon as it is validated, enable the resolution as soon as possible. Here is a summary of the vulnerability as provided by Microsoft: An authenticated user (attacker) could cause an information disclosure vulnerability in Windows Kernel. This vulnerability does not require administrator or other elevated privileges. The attacker who successfully exploits this vulnerability could view heap memory from a privileged process that is running on the server. Successful exploitation of this vulnerability requires an attacker to coordinate the attack with another privileged process that is run by another user in the system. You can find the support document on Microsoft's site under KB5028407. Source

Microsoft has confirmed that those sticking to Windows 10 and not planning to upgrade to Windows 11 might experience weird taskbar behaviors after installing some of the recent cumulative updates. No, it is not a punishment for not upgrading to Windows 11—it is another known bug Microsoft will fix in future updates. Microsoft says the issue causes visual glitches and reduces system stability, making some parts and apps unresponsive. If you use Windows 10, you might experience the following symptoms: The Weather or News and Interests widget or icons flickers on the Windows taskbar The Windows taskbar stops responding Windows Explorer stops responding Applications including Microsoft Word or Excel might stop responding if they are open when the issue occurs According to a post in the official Windows documentation, a system restart might help mitigate the problem. However, Microsoft has decided to take a more proactive approach and undo the damage using the Known Issue Rollback feature. It will take care of the bug without any input from users, but the system might take up to 24 hours to propagate and heal the affected computers (all Windows 10 consumer versions starting with 20H2 and up). The software giant promises to release a permanent bugfix with future cumulative updates. Microsoft confirms taskbar bugs, broken File Explorer, and app issues in Windows 10

In the second half of last month, Microsoft released KB5039302 for Windows 11, an optional non-security update. Sadly, it caused quite a lot of quite severe issues. From breaking the taskbar to breaking entire systems, KB5039302 delivered many headaches for regular users and IT Admins. And things just keep on going. Microsoft has now confirmed another issue, which affects the Windows Update Agent API or WUA. Like it usually goes with known issues and other important notifications, Microsoft posted a note about the Windows Update Agent API troubles in the official documentation. According to the post, KB5039302 might cause problems with PowerShell or VBScript scripts that use the API, which would return an empty result when querying the properties of certain objects. As a result, users would receive error 0x8002802B "TYPE_E_ELEMENTNOTFOUND." Microsoft says that the bug is affecting client versions of Windows 11, namely the most recent ones—22H2 and 23H2. Server editions are unaffected. It is also worth noting that error 0x8002802B should not worry organizations with Windows Automatic Updates or regular home users. Microsoft mitigated the problem using the Known Issue Rollback feature. While most of the time, it can undo the damage without bothering users, in some cases, IT administrators have to apply special Group Policies to mitigate problems using Known Issue Rollback. That is the case with the 0x8002802B error. The necessary policy for fixing the bug is available here, and its application requires restarting affected devices and undoing changes that caused the issue. You can find more information about the latest known bug in Windows 11's June 2024 non-security updates here. Source Hope you enjoyed this news post. Thank you for appreciating my time and effort posting news every single day for many years. 2023: Over 5,800 news posts | 2024 (till end of June): 2,839 news posts

Windows 11 versions 22H2 and 23H2 recently received a non-security update with a bunch of new features and small fixes. Sadly, KB5039302 turned out to be a real troublemaker. Microsoft has already confirmed that it causes infinite restarts on certain systems, and now, there is another known bug. Microsoft published a new message on its official Windows Health Dashboard website to warn users that KB5039302 is breaking the taskbar on specific Windows 11 editions, namely Windows N. For those unfamiliar, Windows N is a special version of the operating system with a bunch of media features removed, such as the Windows Media Player app. Microsoft also said that the bug affects customers with regular editions who turned off media features in the "Turn Windows features on or off" UI. According to Microsoft and the official documentation, affected customers cannot interact with the taskbar, while the rest of the UI and File Explorer continue operating as usual: Microsoft is working on a resolution, which will be available in a future update. As a reminder, KB5039302 is no longer available for download—Microsoft pulled it after confirming reports about infinite restarts. You can uninstall KB5039302 by heading to Settings > Windows Update. Source Hope you enjoyed this news post. Thank you for appreciating my time and effort posting news every single day for many years. 2023: Over 5,800 news posts | 2024 (till end of May): Nearly 2,400 news posts