Microsoft

Microsoft fixes Direct Access bug in Windows 10 and 11 • The Register

Microsoft continues to fix issues that crop up after users install the latest updates to Windows 10 and 11, including one that causes issues with the Remote Instant Access feature.

Direct Access allows remote workers to connect to resources on the corporate network without using traditional VPN connections. It is designed to ensure that remote clients are always connected without having to start and stop connections. IT administrators can also remotely manage client systems using Direct Access when they are up and running and connected to the Internet.

However, some users who installed the KB5019509 update in Windows 10 or 11 were unable to reconnect to Direct Access after temporarily losing network connectivity or switching between Wi-Fi networks or access points, Microsoft wrote in its Windows Health Dashboard.

Microsoft is using the Known Issue Rollback (KIR) tool to address the issue. It can take up to 24 hours to make its way to unmanaged enterprise systems and all consumer devices using the system. Rebooting the affected Windows device can speed up the time frame.

For enterprise managed devices, IT administrators can install and configure a special Group Policy found by going to Computer Configuration > Administrative Templates > Group Policy Name.

The bug affects clients running Windows 11 22H2 and 21H1, Windows 10 versions 22H2, 21H1 and 20H2, and Windows 10 Enterprise LTSC 2019. Windows Server 2022 and 2019 are also affected.

Updates released on November 8, or later updates on Windows servers with the domain controller role to manage network and identity security requests, may cause problems with the Kerberos network authentication protocol.

Issues may include domain user logon failures, Active Directory Federation Services authentication issues, group managed service accounts not authenticating issues, and remote desktop connection with domain users not connecting. Access to shared folders on workstations and file shares on servers is another reported problem, and it appears that printer connections that require domain user authentication may also fail.

Windows systems with the bug will receive a Microsoft-Windows-Kerberos-Key-Distribution-Center Event ID 14 in the System section of Event Log on their domain controller.

That comes with a message that reads:

Microsoft said it is working on a fix that will be ready in the coming weeks.

In addition, some systems running Windows 11 22H2 perform poorly in apps and games. According to Microsoft, the problem is that some of this code inadvertently enables performance debugging features in GPUs. These are usually not intended to be accessible to users.

Microsoft is putting a compatibility hold on affected devices to ensure they don’t install version 22H2, and is recommending users who have already upgraded to update apps and games to the latest version available while the company works on a fix. ®

Leave a Comment