Microsoft’s July 2024 updates for Windows Server have caused significant disruptions to Remote Desktop connections. Organizations using the legacy RPC over HTTP protocol in Remote Desktop Gateway configurations are experiencing frequent disconnections, with users being logged out approximately every 30 minutes.
The issue stems from the KB5040437 update, released on July 9, 2024, for Windows Server 2022 build 20348.2582. This update inadvertently breaks Remote Desktop functionality, forcing users to repeatedly reconnect to servers and disrupting workflow continuity. The problem affects multiple versions of Windows Server, causing widespread concern among IT administrators and businesses relying on remote access capabilities.
Microsoft has acknowledged the issue and is working on a resolution. In the meantime, affected organizations face a dilemma between maintaining security by applying critical updates and preserving operational stability for remote workers. The situation highlights the delicate balance between implementing necessary security patches and avoiding unintended consequences that can impact productivity.
Microsoft released several critical security updates for Windows Server in July 2024. These patches addressed vulnerabilities and introduced new features, but also caused issues with remote desktop connections for some users.
The July 2024 Patch Tuesday updates included fixes for multiple Windows Server versions. Microsoft released KB5040437 for Windows Server 2022, addressing 43 security vulnerabilities. KB5040438 targeted Windows Server version 23H2, patching 37 issues. Azure Stack HCI version 22H2 received KB5040437, resolving 41 security flaws.
Key areas addressed:
The updates also improved system stability and performance. However, some organizations reported problems with remote desktop connectivity after installing the patches.
The remote desktop connection issues primarily impacted Windows servers configured to use the legacy RPC over HTTP protocol. Affected versions include:
Microsoft acknowledged the problem and advised administrators to check their Remote Desktop Services configurations. Servers using more modern remote desktop protocols were less likely to experience disruptions.
IT teams should review their Windows Server update status and Remote Desktop Services settings to determine potential impact. Microsoft provided guidance for temporary workarounds while developing a permanent fix.
The July Windows Server updates introduced significant issues affecting Remote Desktop functionality. Organizations using legacy connection protocols experienced widespread disruptions to remote access capabilities.
The update caused problems with the Remote Desktop Protocol, particularly for servers configured to use RPC over HTTP. This legacy protocol, while still in use by some organizations, became unstable after the update.
Affected servers experienced intermittent connection failures and sudden disconnects. In some cases, Remote Desktop sessions would fail to initialize entirely. The disruption impacted both inbound and outbound RDP connections on affected Windows Servers.
Users reported various symptoms related to the Remote Desktop disruption. Common issues included:
IT administrators noted increased load on Remote Desktop Gateway servers as connection attempts repeatedly failed. Some organizations reported 30-minute system crashes on affected servers.
The disruption primarily affected Remote Desktop connections using the legacy RPC over HTTP protocol. This protocol typically utilizes port 3388 for communication between clients and servers.
Key affected components include:
Modern RDP implementations using newer protocols were less impacted. However, organizations relying on legacy setups faced significant connectivity challenges. Microsoft acknowledged the issue and advised administrators to review their Remote Desktop configurations for potential workarounds.
The July Windows Server update introduced critical changes affecting Remote Desktop connections. Several technical approaches can help mitigate these issues while awaiting an official fix from Microsoft.
Cumulative Update KB5040442 altered core components of the Remote Desktop Protocol (RDP) stack. The update modified how Windows Server handles RPC over HTTP connections, leading to instability in Remote Desktop Gateway services. This change impacts organizations still using legacy RPC over HTTP configurations.
The update also affected the RpcProxy service, causing it to crash regularly on Windows Server 2019 and 2022. These crashes prevent successful remote connections, disrupting business operations for many organizations relying on remote access.
Administrators can implement registry modifications to temporarily resolve connection issues. Open the Windows Registry Editor and navigate to:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TermService\Parameters
Create a new DWORD value named “fDenyTSConnections” and set its value data to 0. This tweak allows Terminal Services connections.
For Remote Desktop Gateway servers, modify:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server Gateway\Administration
Add a DWORD value “AllowDirectRPC” and set it to 1. This change permits direct RPC connections, bypassing the problematic RpcProxy service.
Organizations can explore alternative remote access methods to maintain productivity. Virtual Private Networks (VPNs) offer a secure way to connect to internal resources without relying on RDP. Ensure proper VPN configurations and consider multi-factor authentication for enhanced security.
Cloud-based remote desktop solutions provide another workaround. These services often operate independently of on-premises infrastructure, avoiding issues related to Windows Server updates.
For critical systems, consider rolling back the problematic update. Be aware this may require BitLocker recovery on some machines. Always create a full backup before performing system changes.
Implementing proactive strategies can help minimize disruptions caused by Windows Server updates. Proper planning and redundancy are key to maintaining remote access capabilities.
IT admins should establish a structured approach to deploying security updates. Create a test environment that mirrors the production setup to evaluate patches before full deployment. Schedule updates during off-peak hours to reduce impact on users.
Implement a phased rollout strategy, starting with non-critical systems. Monitor these systems closely for any issues before proceeding to critical infrastructure. Use Windows Server Update Services (WSUS) to control and manage update distribution across the network.
Keep detailed logs of all updates applied and any resulting issues. This documentation can prove invaluable for troubleshooting and rolling back problematic patches if necessary.
Establish multiple remote access methods to ensure continued connectivity if one fails. Configure a VPN solution alongside Remote Desktop Services. Consider implementing DirectAccess or Windows Always On VPN as additional options.
Set up backup remote desktop gateways on separate servers. This redundancy helps maintain access if the primary gateway experiences issues after an update. Ensure these backup systems are also kept up-to-date with security patches.
Implement load balancing for remote desktop services to distribute connections across multiple servers. This approach improves performance and provides failover capability if one server becomes unreachable due to update-related problems.
705-325-6100
8 Westmount Drive South, Unit 4
Orillia, ON L3V 6C9
Website, Branding, Graphic Design and Strategic Content Development by Orillia Computer
Copyright Orillia Computer 2024. All rights reserved.
1000282541 Ont. Ltd DBA Orillia Computer