Windows update breaks SSH connections; Microsoft confirms issue, fix pending further investigation.

Sharing is Caring!

Do they not test their updates before rolling them out everywhere?

Microsoft has confirmed that last month’s Windows security updates are breaking SSH connections on some Windows 11 22H2 and 23H2 systems. This newly acknowledged issue affects enterprise, IoT, and education customers, but the company says that only a “limited number” of devices are impacted.

Microsoft is also investigating whether consumer customers using Windows 11 Home or Pro editions are affected. “Following the installation of the October 2024 security update, some customers report that the OpenSSH (Open Secure Shell) service fails to start, preventing SSH connections,” the company explained in updated support documents for October’s Patch Tuesday KB5044285 cumulative and KB5044380 preview updates.

See also  DOJ Opens Investigation into Chuck Schumer For Threatening conservative U.S. Supreme Court Justices

“The service fails with no detailed logging, and manual intervention is required to run the process.” Until a fix is available, Redmond says affected customers can still temporarily fix these SSH connection issues by updating access control list (ACL) permissions on affected directories using the following steps:

  1. Open PowerShell as an Administrator.
  2. Update the permissions for the “C:\ProgramData\ssh” and “C:\ProgramData\ssh\logs” folders to allow full control for SYSTEM and the Administrators group while allowing read access for Authenticated Users.
  3. Use the following PowerShell script to update the permissions:
See also  J.D. Vance tells “Face the Nation“ that the price of groceries are gonna come down but “inflation isn’t the #1 issue

$directoryPath = “C:\ProgramData\ssh”
$acl = Get-Acl -Path $directoryPath
$sddlString = “O:BAD:PAI(A;OICI;FA;;;SY)(A;OICI;FA;;;BA)(A;OICI;0x1200a9;;;AU)”
$securityDescriptor = New-Object System.Security.AccessControl.RawSecurityDescriptor $sddlString
$acl.SetSecurityDescriptorSddlForm($securityDescriptor.GetSddlForm(“All”))
Set-Acl -Path $directoryPath -AclObject $acl

Microsoft is actively looking for a fix that will roll out via an upcoming Windows update, with further details regarding this known issue to be provided when a resolution is available.

Sources:

https://www.bleepingcomputer.com/news/microsoft/microsoft-confirms-windows-11-updates-breaking-ssh-connections/

https://www.neowin.net/news/microsoft-confirms-openssh-issues-in-windows-11-23h2-kb5044380/

https://www.lbttechgroup.com/index.php/blog/microsoft-says-recent-windows-11-updates-break-ssh-connections


279 views