Do they not test their updates before rolling them out everywhere?
Microsoft has confirmed that last month’s Windows security updates are breaking SSH connections on some Windows 11 22H2 and 23H2 systems. This newly acknowledged issue affects enterprise, IoT, and education customers, but the company says that only a “limited number” of devices are impacted.
Microsoft is also investigating whether consumer customers using Windows 11 Home or Pro editions are affected. “Following the installation of the October 2024 security update, some customers report that the OpenSSH (Open Secure Shell) service fails to start, preventing SSH connections,” the company explained in updated support documents for October’s Patch Tuesday KB5044285 cumulative and KB5044380 preview updates.
“The service fails with no detailed logging, and manual intervention is required to run the process.” Until a fix is available, Redmond says affected customers can still temporarily fix these SSH connection issues by updating access control list (ACL) permissions on affected directories using the following steps:
- Open PowerShell as an Administrator.
- Update the permissions for the “C:\ProgramData\ssh” and “C:\ProgramData\ssh\logs” folders to allow full control for SYSTEM and the Administrators group while allowing read access for Authenticated Users.
- Use the following PowerShell script to update the permissions:
$directoryPath = “C:\ProgramData\ssh”
$acl = Get-Acl -Path $directoryPath
$sddlString = “O:BAD:PAI(A;OICI;FA;;;SY)(A;OICI;FA;;;BA)(A;OICI;0x1200a9;;;AU)”
$securityDescriptor = New-Object System.Security.AccessControl.RawSecurityDescriptor $sddlString
$acl.SetSecurityDescriptorSddlForm($securityDescriptor.GetSddlForm(“All”))
Set-Acl -Path $directoryPath -AclObject $acl
Microsoft is actively looking for a fix that will roll out via an upcoming Windows update, with further details regarding this known issue to be provided when a resolution is available.
Sources:
https://www.neowin.net/news/microsoft-confirms-openssh-issues-in-windows-11-23h2-kb5044380/
279 views