AskWoody Plus Alert Logo
ISSUE 19.02.1 • 2022-01-12
MS-DEFCON 1: Business patchers be on alert

MS-DEFCON 1

By Susan Bradley

For those running a network with a domain controller, the side effects this month are extreme. Don’t patch.

MS-DEFCON 1 is a very rare occurrence. When I raise the level that high, it’s because I’m seeing critical issues with patches.

Microsoft has a technology called Active Directory that allows workstations to authenticate with a “domain controller.” This month’s updates are causing such drastic issues with domain controllers that they can become stuck in a boot loop. That is definitely an MS-DEFCON 1 condition. You should not release patches.

Patches that can cause problems include the following:

It’s unclear if Server 2022 is similarly impacted. I am looking in to the matter.

VPN side effects

I’m also tracking issues with the interaction of Windows updates and Virtual Private Network software. Mind you, I don’t see this with consumer-style VPN applications. It’s only with business solutions that use a specific type of protocol called L2TP VPN. As of this moment, there is no workaround except not installing this months updates. Whether the ultimate fix will come from Microsoft or the VPN software vendors is not yet known.

Consumer and home users

If you have already installed patches on your DESKTOP computers, don’t panic. I’ve installed this month’s updates on my own personal computer and suffered no side effects. If you’ve already installed them and, like me, have no problems, you’re probably safe. However, if you have not yet installed this month’s updates, I recommend being a prudent patcher and delaying until I bring the MS-DEFCON level down.

It seems very clear that businesses with Microsoft domain controllers are at greatest risk. Of course, if you’re an advanced home user and happen to be running a domain controller, pretend you’re a business and take notice.

Business users

I strongly recommend that you do not install domain controller updates until more is known about the problem. For now, the number or reports I’ve seen is sufficient to warrant raising the MS-DEFCON level.

Expect more guidance on this matter in next week’s Plus newsletter.

References

MS-DEFCON 1

Talk Bubbles Join the conversation! Your questions, comments, and feedback
about this topic are always welcome in our forums!

Susan Bradley is the publisher of the AskWoody newsletters.

The AskWoody Newsletters are published by AskWoody Tech LLC, Fresno, CA USA.

Your subscription:

Microsoft and Windows are registered trademarks of Microsoft Corporation. AskWoody, AskWoody.com, Windows Secrets Newsletter, WindowsSecrets.com, WinFind, Windows Gizmos, Security Baseline, Perimeter Scan, Wacky Web Week, the Windows Secrets Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of AskWoody Tech LLC. All other marks are the trademarks or service marks of their respective owners.

Copyright ©2022 AskWoody Tech LLC. All rights reserved.

 
DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • Knowledge Base
  • How to use the Forums
  • All Forums

    • Recent Topics

    My Profile

    March 2025
    S M T W T F S
     1
    2345678
    9101112131415
    16171819202122
    23242526272829
    3031  

    Remembering Woody

     

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.