Microsoft: Out-of-sequence update for Windows Server 2022 against SQL problems
Microsoft released an emergency update for Windows Server 2022 at the end of last week. It corrects problems with SQL servers.
Security gaps in Windows put users at risk.
(Image: Bild erstellt mit KI in Bing Designer durch heise online / dmk)
On Tuesday last week, it became known that the Windows security updates from June could cause problems with SQL servers on Windows Server 2022 instances. At the weekend, Microsoft's developers released an emergency update to fix the problems.
The update with the KB number KB5041054 upgrades the server to build 20348.2529. Microsoft classifies it as non-security-relevant - however, as the problem came to the machines with the security updates in June, those affected may have uninstalled it again, which leaves the security gaps it closes open.
Microsoft explains the SQL side effects
The problem that admins can get with cloud-based SQL servers should be fixed. Specifically, Azure Synapse SQL Serverless Pool databases switched to recovery pending mode. This was more likely to occur when customers used so-called Customer-Managed Keys (CMK) and Azure Synapse Dedicated SQL Pool. The cause was the BCryptSignHash API, which returned STATUS_INVALID_PARAMETER due to a problem if parameters in RSA signatures were filled with NULL. "This issue is more likely to occur when Customer-Managed Key (CMK) is used as in a dedicated Azure Synapse SQL pool," Microsoft discusses.
The updated update is not available in Windows Update, Business Update or Server Update Services, but must be installed manually. Standalone versions for Windows Server 2022 21H2 and 22H2 are available for download in the Windows Update Catalog. For version 23H2, however, there is no newer version of the update yet.
According to the explanations in the Windows Message Center, these are cumulative updates for Windows Server 2022 and Azure Stack HCI, version 22H2, so no previous updates need to be installed. A device restart is required after installation.
Microsoft has not yet provided a solution to the problems under Windows 10 that have been caused by the Windows security updates since April. The status is still "confirmed", so the developers are still working on a solution.
(dmk)