Hacking

Microsoft releases Windows out-of-band emergency fixes for Win Server, VPN issues

Microsoft released Windows emergency out-of-band (OOB) updates to fix multiple issues caused by January 2021 Patch Tuesday updates.

Microsoft has released emergency out-of-band (OOB) updates for Windows to address multiple issues caused by security updates issued as part of the January 2021 Patch Tuesday.

The Windows Server updates for January were causing a series of issues for administrators, multiple administrators reported anomalous reboots of Windows domain controllers, and Hyper-V that was no longer starting on Windows servers.

Reports also claim that the Windows Resilient File System (ReFS) volumes were no longer accessible after the installation of January 2021 updates.

Some administrators and users reported problems with L2TP VPN connections on Windows 10 after installing the recent Windows 10 and Windows 11 cumulative updates.

“Microsoft is releasing out-of-band (OOB) updates for some versions of Windows today, January 18, 2022,” the company said. “This update fixes issues related to VPN connectivity, Windows Server domain controller restarts, virtual machine startup failures, and ReFS-formatted removable media that fails to mount.”

The OOB updates can be downloaded from the Microsoft Update Catalog, if they are not installed directly from Windows Update as optional updates.

Emergency out-of-band (OOB) updates through Windows Update are optional updates and have to be manually installed.

Below are the updates can only be downloaded through the Microsoft Update Catalog:

These are the updates for these Windows versions that are also available through Windows Update as an optional update:

  • Windows 11, version 21H1 (original release): KB5010795
  • Windows Server 2022: KB5010796
  • Windows 10, version 21H2: KB5010793
  • Windows 10, version 21H1: KB5010793
  • Windows 10, version 20H2, Windows Server, version 20H2: KB5010793
  • Windows 10, version 20H1, Windows Server, version 20H1: KB5010793
  • Windows 10, version 1909, Windows Server, version 1909: KB5010792
  • Windows 10, version 1607, Windows Server 2016: KB5010790
  • Windows 10, version 1507: KB5010789
  • Windows 7 SP1: KB5010798
  • Windows Server 2008 SP2: KB5010799

Users that cannot immediately install these out-of-band updates can remove the following updates that could cause the above problems:

  • KB5009624
  • KB5009557
  • KB5009555
  • KB5009566
  • KB5009543

However, experts warn that removing the above updates they will also remove bundled security updates that address vulnerabilities patched with the release of the January 2021 Patch Tuesday. 

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Windows emergency out-of-band)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024

Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during…

10 hours ago

INC Ransom stole 3TB of data from the National Health Service (NHS) of Scotland

The INC Ransom extortion group hacked the National Health Service (NHS) of Scotland and is threatening…

14 hours ago

CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the…

19 hours ago

The DDR Advantage: Real-Time Data Defense

This is the advantage of Data Detection and Response (DDR) for organizations aiming to build…

22 hours ago

Finnish police linked APT31 to the 2021 parliament attack

The Finnish Police attributed the attack against the parliament that occurred in March 2021 to…

1 day ago

TheMoon bot infected 40,000 devices in January and February

A new variant of TheMoon malware infected thousands of outdated small office and home office…

2 days ago

This website uses cookies.