Microsoft’s April Patches Bring NTLM And VPN Crashes

Just Like The Old Rhyme Goes

If you were responsible and installed KB5036893 for Windows 11 and use a VPN, you might have started seeing some very unwanted behaviour.  The April 2024 security update is causing VPN connections to fail for many users. both home and business and at this time Microsoft has not determined why.  They are hoping to have an update of some sort, likely the cause and hopefully a resolution, sometime this week.  In the mean time if you are familiar with DSIM you can try to dig out the package name and remove it, not that Microsoft is being particularly helpful about which package it is.  Since they decided to obfuscate the KB numbers of patches on Windows, that’s your only option apart from waiting.  Keep in mind you will be removing the entire package and not just the faulty patch.

The VPN issue has an effect on servers as well, but Microsoft included a bonus gift for your infrastructure.  It seems that last month’s Windows Server security updates can cause NTLM authentication failures and high loads for some of their victims customers.  If your infrastructure has a lot of NTLM traffic and a small number of DCs then chances are you’ve noticed this already, if not you may be safe from this particular issue.  Similar to the VPN issue, no root cause has been determined and so you can either uninstall the patches or live with it until Redmond figures out what is going on.

Leave a Reply