July Windows Server updates break Remote Desktop connections
Microsoft has confirmed that July’s security updates break remote desktop connections in organizations where Windows servers are configured to use the legacy RPC over HTTP protocol in the Remote Desktop Gateway.
“Windows Servers might affect Remote Desktop Connectivity across an organization if legacy protocol (Remote Procedure Call over HTTP) is used in Remote Desktop Gateway. Resulting from this, remote desktop connections might be interrupted,” Microsoft explained.
“This issue might occur intermittently, such as repeating every 30 minutes. At this interval, logon sessions are lost and users will need to reconnect to the server.”
This confirmation comes after many reports from Windows admins saying that the RD Gateway service kept crashing every 30 minutes after installing this month’s updates.
“We’re serving applications to well over 500 users and have lost tremendous time and money today. Beware of this update. Removing the update solved our crashes entirely,” one admin said.
“Also having the Remote Desktop Gateway issues after applying this patch on 2019 server. Random mass disconnects throughout the day, couldn’t find much in the event logs other than the service restarting,” another one added.
Admins can track this as a TSGateway service termination issue: when the service becomes unresponsive, it triggers a 0xc0000005 exception code, which gets logged as Event 1000 in the system event log.
The list of impacted Windows Server releases and the security updates that trigger it includes:
- Windows Server 2022 (KB5040437)
- Windows Server 2019 (KB5040430)
- Windows Server 2016 (KB5040434)
- Windows Server 2012 R2 (KB5040456)
- Windows Server 2012 (KB5040485)
Workarounds available
Microsoft says it’s currently working on a fix to mitigate the Remote Desktop connection failures, and until one is available, it provides affected organizations with two temporary workarounds.
The first requires disallowing connections over the pipe and port \pipe\RpcProxy\3388 through the RD Gateway (you can do this using firewall software).
The second workaround requires editing the RDGClientTransport registry key under Terminal Server Client by going to HKCU\Software\Microsoft\Terminal Server Client\RDGClientTransport using the Windows Registry Editor. Next, find the ‘DWORD’ registry key and set the ‘Value Data’ field to ‘0x0’.
Make a registry backup before editing this key to ensure you have an easy way to restore it if anything goes wrong.
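The second workaround together with the backup step, as an added PowerShell example (not Microsoft's or this article's code). It assumes RDGClientTransport is a DWORD value under the Terminal Server Client key of the current user; the backup folder name is hypothetical.

```powershell
# Added example: back up the Terminal Server Client key, then set RDGClientTransport to 0x0.
# Assumption: RDGClientTransport is a DWORD value under this key (per-user, HKCU).
$KeyPath   = 'HKCU:\Software\Microsoft\Terminal Server Client'   # PowerShell provider path
$RegPath   = 'HKCU\Software\Microsoft\Terminal Server Client'    # same key, reg.exe syntax
$ValueName = 'RDGClientTransport'
$BackupDir = Join-Path $env:USERPROFILE 'rdg-workaround-backup'  # hypothetical location

function Backup-RdgClientKey {
    # Export the whole key to a timestamped .reg file; return $null if the key does not exist yet.
    if (-not (Test-Path $KeyPath)) { return $null }
    New-Item -ItemType Directory -Path $BackupDir -Force | Out-Null
    $file = Join-Path $BackupDir ('TerminalServerClient-{0:yyyyMMdd-HHmmss}.reg' -f (Get-Date))
    & reg.exe export $RegPath $file /y | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "reg export failed with exit code $LASTEXITCODE" }
    return $file
}

function Set-RdgClientTransport {
    param([int]$Value = 0)

    # Refuse to change anything unless the backup succeeded (or there was nothing to back up).
    $backup = Backup-RdgClientKey

    if (-not (Test-Path $KeyPath)) { New-Item -Path $KeyPath -Force | Out-Null }
    $previous = (Get-ItemProperty -Path $KeyPath -Name $ValueName -ErrorAction SilentlyContinue).$ValueName

    # -Force overwrites an existing value and creates it if missing.
    New-ItemProperty -Path $KeyPath -Name $ValueName -PropertyType DWord -Value $Value -Force | Out-Null

    # Read the value back so a silent failure does not go unnoticed.
    $current = (Get-ItemProperty -Path $KeyPath -Name $ValueName).$ValueName
    if ($current -ne $Value) { throw "$ValueName is $current, expected $Value" }

    [pscustomobject]@{
        Backup   = $backup
        Previous = if ($null -eq $previous) { '(not set)' } else { '0x{0:X}' -f $previous }
        Current  = '0x{0:X}' -f $current
    }
}

Set-RdgClientTransport -Value 0
```

To roll back, import the file reported in the `Backup` field with `reg import`. Because the key lives under HKCU, the change applies only to the user who runs the script.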
Two years ago, Microsoft had to fix a known issue causing RDP and VPN connectivity problems on Windows Servers with Routing and Remote Access Service (RRAS) enabled after installing the June 2022 security updates.