The latest Windows 11 update may break your VPN connection

News
By Sead Fadilpašić
published

The only solution is to uninstall the patch

VPN graphic
(Image credit: Shutterstock)

Microsoft’s monthly update to Windows 10 and Windows 11, which came as part of the most recent Patch Tuesday, appears to be preventing the software's built-in VPN tool from establishing a connection, effectively rendering it useless.

Microsoft is yet to confirm the problem, which has already shared multiple times on Reddit. Besides the Windows VPN, it seems the problem also affects a couple of third-party VPNs, with SonicWall, Cisco Meraki, and WatchGuard Firewalls all seeing issues.

A security researcher told BleepingComputer that the bug affects the Ubiquity Client-to-Site VPN connections for those using the Windows VPN client, as well.

Choosing a lesser evil

The two problematic updates are KB5009543 for Windows 10, and KB5009566 for Windows 11. At the moment, the only way to fix the problem is to remove the patches which, as the publication explains, can be done through the command prompt, with the following commands:

Windows 10: wusa /uninstall /kb:5009543 

Windows 11: wusa /uninstall /kb:5009566

The problem with this approach is that Microsoft bundles all of its fixes, so removing this patch will not only allow Windows admins to re-establish their L2TP VPN connections, but will also expose them to multiple known security vulnerabilities.

And with remote working still being necessary for the majority of companies, they’ll have a tough time choosing a lesser evil between privacy and vulnerability exposure. 

One of the flaws addressed through Patch Tuesday was a wormable Windows 11 flaw, found in the HTTP Protocol Stack. There’s yet no malware abusing this flaw out there, but Microsoft said it allows the attacker to execute arbitrary code, remotely, without much user interaction, making it extremely dangerous. 

To protect vulnerable devices, disabling the HTTP Trailer Support feature will suffice. 

The vulnerability is tracked as CVE-2022-21907. Besides this one, a total of six zero-days, and almost 100 different flaws, were addressed in the patch.

  • You might also want to check out our list of the best proxies right now

Via: BleepingComputer

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.