Aug 15 2024 08:48 AM
In testing the August 2024 security update for Windows Server 2019 (KB5041578) we are finding the update causes some Windows Server 2019 servers to become unresponsive.
There is also a thread on Reddit of many admins experiencing this same behavior.
A workaround has been to stop the "Cryptographic Services" service, purge the contents of C:\windows\system32\catroot2, reboot, then install KB5041578, and the issue does not occur.
Performing these steps on a "broken" server that was patched before performing these steps also fixes the issue; however, you can't log on to the VM when this is occurring due to the performance issue, so it must be done remotely.
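The workaround described in the post above, written as a remote PowerShell run (an added example, not part of any post in this thread). It assumes PowerShell remoting is enabled on the affected server and that you run it with administrative rights; SERVER01 is a placeholder name.

```powershell
# Added example: remote form of the workaround from the first post.
# SERVER01 is a placeholder; requires PowerShell remoting and admin rights.
param([string] $ComputerName = 'SERVER01')

Invoke-Command -ComputerName $ComputerName -ScriptBlock {
    $ErrorActionPreference = 'Stop'
    $catroot2 = Join-Path $env:SystemRoot 'System32\catroot2'

    # Record whether the update is already on the box (the "broken" case).
    $kb = Get-HotFix -Id 'KB5041578' -ErrorAction SilentlyContinue
    Write-Output ("KB5041578 installed: {0}" -f [bool]$kb)

    # Stop Cryptographic Services and wait until it is really stopped.
    # WaitForStatus throws on timeout, so nothing is deleted while it still runs.
    Stop-Service -Name CryptSvc -Force
    (Get-Service -Name CryptSvc).WaitForStatus('Stopped', [TimeSpan]::FromMinutes(10))

    # Purge the contents of catroot2 but keep the folder itself.
    $failed = @()
    foreach ($item in Get-ChildItem -LiteralPath $catroot2 -Force) {
        try   { Remove-Item -LiteralPath $item.FullName -Recurse -Force }
        catch { $failed += $item.FullName }
    }
    if ($failed.Count -gt 0) {
        Write-Warning ("Could not remove: {0}" -f ($failed -join ', '))
    }

    # Reboot, as in the workaround; the remoting session drops at this point.
    Restart-Computer -Force
}
```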
Aug 16 2024 02:29 AM
Aug 16 2024 12:31 PM
Aug 19 2024 11:42 AM
@MNichols We also had this issue on 2 2019 servers today. The last time they were patched was back in April. Wondering if this is related to skipping patches, as I don't see it on all 2019 servers.
Aug 20 2024 09:23 AM
@ausername215 Same problem here. Any response from Microsoft yet?
Aug 20 2024 10:06 AM
Aug 20 2024 10:15 AM
Aug 20 2024 10:17 AM
@TammySanders While it took a little bit, I had no issues remotely stopping the crypto service, deleting the data in the folder referenced above and rebooting to resolve the performance issues. There was no need to remove the patch.
Speculating here, but this has hit a small subset of our systems, specifically systems that were last patched in April 2024, unlike most, which were patched the previous month. My thoughts are that systems that have missed previous CUs may be impacted.
Aug 20 2024 10:33 AM - edited Aug 20 2024 10:42 AM
Makes you wonder if MS even tests any of this. Not the first time a monthly has been bad and won't be the last.
I can remember at least 2 times when RDP fell down after a monthly update.
Aug 20 2024 07:04 PM
@ausername215 We patch our fleet every month and it's still the same.
Aug 21 2024 12:06 AM
@MNichols
I've found a "fix" that appears to do the job, it's not particularly graceful and is manual, but at least pretty quick and doesn't require a reboot or apparent roll-back of the update. You might need patience depending on how badly affected your system(s) are... Additionally if you have any kind of IOP-limited disks on affected servers this will make them even slower; if possible, remove any IOP limit and it should be less painful.
You'll need to launch (as admin) PowerShell or CMD, services.msc, Task Manager, and Windows Explorer. I put each in a corner of the UI for ease of navigation.
Server should be responsive again...
Aug 21 2024 05:53 AM
Aug 21 2024 05:59 AM
Aug 21 2024 09:00 AM
Aug 21 2024 09:03 AM
stop-service cryptsvc -Force
This step fails due to other dependent processes. What can be done about this?
Thank you.
Aug 21 2024 09:12 AM
Aug 21 2024 11:17 AM
Aug 23 2024 05:49 AM
Aug 23 2024 06:57 AM
Aug 23 2024 06:57 AM