Microsoft has pulled Windows Server’s January Cumulative Updates after critical bugs caused domain controllers to restart, Hyper-V to not work, and ReFS volume systems to become unavailable.
On Tuesday, Microsoft released the January 2022 Patch Tuesday updates for Windows Server, which include numerous security updates and bug fixes.
These updates are KB5009624 for Windows Server 2012 R2, KB5009557 for Windows Server 2019, and KB5009555 for Windows Server 2022.
Microsoft fetches Windows Server updates
Shortly after Microsoft released this week’s Windows Server updates, administrators who installed them began reporting that they were experiencing a number of serious issues.
These issues included domain controllers going through an endless reboot loop, ReFS volumes becoming inaccessible and showing up as RAW file systems, and Hyper-V no longer booting on servers.
Today BleepingComputer was informed that Microsoft has retired Windows Server January Updates and they are no longer accessible through Windows Update.
In testing by BleepingComputer, we can confirm that our installation of Windows Server 2019, which has the December Cumulative Update installed, no longer offers the January KB5009557 update.
Source: BleepingComputer
We have not independently verified whether other Windows Server updates have been removed, but Windows administrators have told us that they are.
Updates are still available in the Microsoft Catalog, but BleepingComputer strongly recommends administrators not to install new Windows Server updates at this time.
While the updates resolve 97 security vulnerabilities, some of which are critical, they also cause significant disruption to Windows networks.
The January Windows 10 and Windows 11 Cumulative Updates also break L2TP VPN connections, but Microsoft has not retired these updates at this time.
Update of 01/14/22:
Windows Server updates are back
Today, Windows Server updates are back and available again through Windows Update.
As we reported yesterday, they were still available through the Microsoft Catalog, and the admins later told BleepingComputer that they were also available through WSUS.
It’s unclear why Microsoft only removed them from Windows Update and didn’t answer our questions about their disappearance.
However, Microsoft has confirmed to BleepingComputer via email that it is aware of the issues and is investigating them.
Microsoft has also created two new known issues in Windows Message Center with more information.
“After installing KB5009557 on domain controllers (DCs), affected versions of Windows servers may restart unexpectedly. To note: On Windows Server 2016 and later, you are more likely to be affected when domain controllers use hidden principals in Enhanced Security Administration Environment (ESAE) or environments with Privileged Identity Management (PIM)”, explains Microsoft about domain controller restarts.
Microsoft has also confirmed that it is investigating the issue where “virtual machines (VMs) in Hyper-V may fail to start” when installing updates on devices using UEFI.
Update 01/14/22 3:16 PM EST: Windows Server updates are back and Microsoft has confirmed they are aware of the issues.
