New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research


Microsoft Pushes Emergency Fix for Windows Server Hyper-V VM Issues

After installing this month’s Patch Tuesday updates, Microsoft has released emergency out-of-band (OOB) Windows Server updates to address a known issue breaking virtual machine (VM) creation on Hyper-V hosts. The issue only affects VMs managed with the System Center Virtual Machine Manager (SCVMM) and using Software Defined Networking (SDN). On affected systems, Windows admins see warnings during live migration, SLB Load Balancer or SDN RAS Gateway fails, and experience failures when creating new VMs and attaching Virtual Network Interface Cards (VNICs). Only Windows Server 2019 and Windows Server 2022 should be impacted after installing December 2022 Patch Tuesday updates (KB5021237 and KB5021249).

To resolve this issue, admins must install the OOB cumulative updates released on December 20, 2022 on all affected Hyper-V hosts in their environment. “You do not need to install any update or make any changes to other servers or client devices in your environment to resolve this issue,” Microsoft said on Tuesday.

Analyst Notes

These updates are not delivered through Windows Updates and will not install automatically on impacted servers. To get the standalone package, admins must search for the KB number in the Microsoft Update Catalog, download it, and install it manually. They can also be manually imported into Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager. Microsoft also provides instructions on importing updates into WSUS and Configuration Manager from the Microsoft Update Catalog. “You do not need to apply any previous update before installing these cumulative updates,” Redmond added. “If you have already installed updates released December 13, 2022, you do not need to uninstall the affected updates before installing any later updates, including the updates listed above.” A temporary fix is also available for admins who cannot immediately install the updates on affected SDN-based SCVMM deployments. This workaround requires running a set of commands on all SCVMM-managed Hyper-V hosts from an elevated PowerShell window (immediately after installing the KB5021237 and KB5021249 updates). Administrators can find scripts for large-scale deployments on the SCVMM Management Server and further details on applying the workaround on the Microsoft support site.