Attention all Windows Users! The Microsoft April Security Update Could Break Your VPN

In a recent development that has caught the attention of IT administrators and users alike, Microsoft has acknowledged a significant issue affecting VPN connections on Windows devices.

This problem has emerged following the installation of the April 2024 security update, impacting a broad range of Windows operating systems across both client and server platforms.

The root cause appears to be related to the updates, which inadvertently introduced a bug that disrupts the ability to successfully establish or maintain VPN connections.

Integrate ANY.RUN in Your Company for Effective Malware Analysis

Are you from SOC, Threat Research, or DFIR departments? If so, you can join an online community of 400,000 independent security researchers:

• Real-time Detection
• Interactive Malware Analysis
• Easy to Learn by New Security Team members
• Get detailed reports with maximum data
• Set Up Virtual Machine in Linux & all Windows OS Versions
• Interact with Malware Safely

If you want to test all these features now with completely free access to the sandbox:

Try ANY.RUN for FREE

Microsoft has marked this issue as critical due to its widespread impact on enterprises and individual users who rely on VPNs for secure remote access.

Affected Windows Versions

The issue has been identified in several versions of the Windows operating system, including:

• Windows 11, versions 23H2, 22H2, and 21H2
• Windows 10, version 22H2
• Windows Server 2022

Windows Servers, Including:

• Windows Server 2022
• Windows Server 2019
• Windows Server 2016
• Windows Server 2012 R2
• Windows Server 2012
• Windows Server 2008 R2
• Windows Server 2008

Users of these versions may experience failures or disruptions in their VPN connections, a critical tool for secure and remote access to networks.

On-Demand Webinar to Secure the Top 3 SME Attack Vectors: Watch for Free.

Microsoft’s Response and Workarounds

Microsoft is actively working on a resolution to address the VPN connectivity issues. In the interim, IT administrators are directed to a specific workaround documented in the Windows release health section within the Microsoft 365 admin centre.

This temporary solution aims to mitigate the impact on affected clients and servers while a permanent fix is in development.

Since no workaround is available until the next update, you can downgrade the update. If you want to remove the LCU, follow the steps below.

To remove the LCU after installing the combined SSU and LCU package, use the DISM/Remove-Package command line option with the LCU package name as the argument. You can find the package name by using this command: DISM /online /get-packages.

Running Windows Update Standalone Installer (wusa.exe) with the /uninstall switch on the combined package will not work because the combined package contains the SSU. You cannot remove the SSU from the system after installation.

Additionally, Microsoft encourages those needing immediate assistance to reach out through business support, ensuring that affected organizations can maintain their operations with minimal disruption.

As the tech giant scrambles to resolve this unexpected complication, the tech community and businesses reliant on VPN connections for their daily operations are keenly awaiting a permanent fix.

Microsoft has committed to providing updates as they work towards a resolution, ensuring transparency and support for their user base during this challenging time.

“We are working on a resolution and will provide an update in an upcoming release,” Microsoft said.

This incident highlights the intricate balance between enhancing security through updates and maintaining the stability of essential services like VPN connections.

Is Your Network Under Attack? - Read CISO’s Guide to Avoiding the Next Breach - Download Free Guide