Microsoft makes its mea culpa regarding its first patch of 2022, acknowledging that it comes with some bugs. One of them causes problems connecting to the vpn
.
The first Patch Tuesday of 2022 was rolled out to make fixes to Windows 10 and 11 to address operating system-related vulnerabilities. However, this update has some flaws.
VPN connections affected
Microsoft has rolled out a brand new update for its Patch Tuesday. This makes it possible to correct 97 vulnerabilities – including faults concerning the Lightweight Directory Access Protocol (LDAP) protocol – and to increase security.
However, after installing the latest updates, users have seen bugs affecting the Windows Server. Indeed, the computers did not allow VPN connections, and displayed a message “ Unable to connect to VPN “. The problem is believed to be with IPSEC connections that use a vendor ID, as Microsoft clarified:
“After installing KB5009543, IPSEC (IP Security) connections that contain a vendor ID may fail. VPN connections using Layer 2 Tunneling Protocol (L2TP) or IPSEC IKE (IPSEC Internet Key Exchange) IP security could also be affected. »
Manual correction possible
For users who are victims of the bug, there are two solutions to work around it – none of them being entirely satisfactory, however.
A first solution is to manually disable provider ID verification in the server settings. This procedure is not very accessible, because it requires the intervention of the administrator and is not feasible for all VPN servers. The second, more drastic solution is to simply remove the Tuesday cumulative update, which resolves the bug in question quickly but obviously leaves the machine more vulnerable.
Microsoft announces that it has opened an investigation to find the source of these failures and better understand them. The firm also claimed that it was working on a fix for the next update, but no deployment date has been mentioned yet.
Source: GinjFo
1