Malfunctioning devices, failed connections, and installation errors: Update KB5066835 can also cause USB devices, including keyboards and mice, to malfunction in WinRE, preventing navigation in recovery mode. However, the keyboard and mouse do continue to work normally within the Windows OS. Microsoft has now released an out-of-band update, KB5070773, to address the issue.

Additionally, the security update may cause issues with incoming connections for server-side applications that rely on HTTP.sys. IIS websites may fail to load, with users receiving messages including “ERR_CONNECTION_RESET.” This includes websites hosted on localhost/, and other IIS connections.

Microsoft advises that the issue can be resolved by searching for and installing updates, then restarting devices whether or not updates were found.

Furthermore, KB5066835 is causing failures in WUSA, a mechanism for installing updates using the Windows Update Agent API in enterprise environments. Users may receive the error “ERROR_BAD_PATHNAME” when interacting with .msu update files when there is more than one .msu file in a shared network folder.

Users can work around the issue by saving .msu files locally and installing the update from the local file. If, after restarting Windows, the Update History page in Settings still says a restart is required, then wait 15 minutes for it to refresh. “After this short delay, the Settings app should properly indicate if the update installed successfully,” Microsoft said.

The company said it has mitigated the issue via Known Issue Rollback, and a fix will be released in a future Windows update.
How enterprises should respond: Beauceron Security’s Shipley noted that, overall, these flaws will impact “a few significant organizations in a significant way,” particularly those in banking, government, and defense that require a high level of security control.

In the short term, Info-Tech’s Wilson advised affected organizations to perform the recommended update to the “DisableCapiOverrideForRSA” registry key, changing its value to “0.” They could also put off deploying that particular patch for smartcard authentication.

“They’ll need to work with vendors to obtain apps, drivers, and tools that align with changes in how Microsoft is approaching cryptography,” said Wilson, emphasizing that this registry key will disappear in April 2026, eliminating the workaround.

In the long term, he said, organizations can protect themselves from these and similar situations by:

- Establishing processes that test patches and manage changes through a change control process.
- Having multiple paths for authentication, especially for critical and privileged accounts.
- Maintaining contingency plans for critical processes in case authentication systems fail.

“The current user challenges will be abated over time as more operating systems are upgraded,” noted Saviynt’s Routh. Ultimately, “the new technology/cryptography in the update represents an improvement in the operating system’s security.”
First seen on csoonline.com
Jump to article: www.csoonline.com/article/4076016/security-patch-or-self-inflicted-ddos-microsoft-update-knocks-out-key-enterprise-functions-2.html

