Faulty patches on Server 2022

Steel Contributor

There appear to be two faulty patches in this month's batch for Server 2022:

 

1) KB5034439 - which won't install at all on a large number of machines (hasn't installed on anything I've tried it on), and the only suggested 'solution' appears to be the completely impractcal one of manually resizing the recovery partition on all affected machines - this also affects the equivalent W10 patch (KB5034441) and is discussed here: https://answers.microsoft.com/en-us/windows/forum/all/windows-10-update-error-code-0x80070643/2c1718...

 

2) KB5034129 which in some cases appears to be completely break Edge. Not all machines are affected and I've not managed to work out what determines which ones will be, but the symptoms are (some of us do use a server OS for desktop use, hence the references to Teams / Outlook!):

  • When Edge is opened it just gives a blank white (or occasionally black) screen
  • New Teams fails to load (presumably due to Edge dependency)
  • New Outlook Fails to load (presumably due to Edge dependency)
  • Old Outlook (subscription version, fully patched) works as normal, but has a constantly flickering circle beside the mouse pointer – this persists while Outlook is running even if it doesn’t have the focus, and the only way to stop it is to close Outlook (does old Outlook link into Edge in any way)?

I have tested this second one by removing it manually - problem went away. Reinstalled it - problem came back. Removed it again - problem went away. I'm therefore confident that this KB is resonsible.

 

Is Microsoft aware of these problems and is anyone looking at them? I know that Microsoft staff do read these forums.

17 Replies

@DavidYorkshire 

I have the same problem with the KB5034129 with Edge and Chrome. It happens only on th Machines with an inplace upgrade from Server 2016 to 2022.

Thanks - I think that would partly fit in my case too (the VM I first encountered it on was definitely upgraded from 2019, and I think from 2016 before that),.

 

Having done some more testing, I'm sure that there are some other VMs which had been upgraded 2016-19-22 - they are mostly fileservers so don't have Teams installed, but they do have Edge and that seems to be working OK.

 

So it seems likely that having been upgraded from 2016 may not be the only relevant condition.

We have the same problem. But it only happens on servers that were InplaceUpgrad from 2016 to 2022. Servers that were newly installed with 2022 or that received an InplaceUpgrad from 2016 to 2019 are error-free.

 

MS Edge and MS Edge WebView 2 generate high loads, MS Edge remains white

1. Antivirus High Usage => Uninstalled, no improvement
2. Defender High Usage => Disabled, no improvement
3. Windows Error Reporting High Usage

No idea what else can be done.

 

I think it's a problem with WebView2.

 

Workaround : 

 

Uninstall Windows Update KB5034129 !!!

 

1. with GUI don't work 

2. with cmd (admin) work => wusa /uninstall /kb:5034129

3. then with Mircosoft Programms (wushowhide) deactivate KB5034129

 

Same problem here. Stopped the rollout of KB5034129.

We would be affected with around 7000 servers.

Severtiy A Case at Microsoft has been running since Friday.

No result so far.

Chrome Crashes after January Windows updates on Server 2022 - Google Chrome Community

 

This solution also works for msedge.exe and msedgewebview2.exe

Another alternative is to remove it through control panel / programs & features / view installed updates.

We use WSUS, so I have set it as declined in there now. However, the update doesn't support removal through WSUS, so if it's already installed and is causing problems then it will have to be removed from each affected server by one of the manual methods.

@DavidYorkshireThis fixes the hang for chrome and msedge.  Delete both the chrome and msedge keys in the registry.

https://www.windowslatest.com/2024/01/16/windows-server-2022-kb5034129-crashes-edge-chrome-and-firef...

MIcrosoft has supplied a solution to the problem with KB5034129.

The problem appears to be caused by two residual registry keys which exist in Server 2016 but not in later versions. However, if the machine has been upgraded from 2016 they remain (although not required) and if they are present this problem with Edge / New Teams / New Outlook occurs.

The keys are:
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msedge.exe]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msedgewebview2.exe]

The advice from Microsoft was to simply delete them.

I have tried this on an affected machine (I had removed the problem patch and blocked it in WSUS). I deleted those keys, gave it a reboot, reinstalled the patch and rebooted again, and all seems to be working correctly - no issues with Edge / New Teams / New Outlook.

@DavidYorkshire 

Thanks a lot for this solution. - It works for Edge.

But to bring back Chrome I had to remove also this key in the registry:

 

- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\chrome.exe]

 

Now my inplace upgraded (from W2016 to W2022 Server) works fine again.

 

 

@danilue 

We had to Remove also RdrCef.exe for Adobe Reader. 

The difference to edge on chrome is that rdrcef is a Problem also in new deloyed Servers. You can see a crash in application event log. 

You're right - I saw this error but ignored it... - Thanks for this advise - after deleting this key in the registry too the error has gone away.

I hope Microsoft will distribute a patch for all these misprogrammed updates...
Looks like they've still not fixed the problem with KB5034439 (and the W10 equivalent, KB5034441) as part of this month's batch of patches.
Are any instances using perl or a vpn of some sort?? I am no pro and just learning myself, however that could be an answer but you probably have already heard of these options : )
I'm just testing the April batch of updates, and KB5034439 STILL isn't installing.

Can someone from Microsoft please clarify on whether you are intending to bother to resolve this issue? This is now the third month it's been broken (was released in January).

Thanks
This sucks. Microsoft can't really expect us to manually fix the partitions of all affected servers!

They actually did release statements about this issue. Turns out you need to have a recovery partition (and it has to be big enough) in order for the update to succeed.
This Reddit reply sums it up on how to address this pretty well: https://www.reddit.com/r/sysadmin/comments/1atmyhn/comment/krjve0s

I believe the script can be batch ran on multiple systems, but that's not the point here. The point is they should have already be aware of the default recovery partition size that's defined by default in their own installation environment. What could've been done instead when there is barely space for the partition is to just copy Winre.wim out, apply updates to it, thin it using dism /export-image, and overwrite the new wim back to the recovery partition (The update itself barely makes the wim grow so the remainder space isn't a problem).

Thanks - yes, I am aware of that but it is not reasonable for them to expect their customers to take this sort of risk - i.e. fiddling about with partitions on multiple live servers. They need to issue a patch which actually resolves the issue in whatever way they think suitable. But it does need to be an automated process.