We recommend that all our customers keep most of their servers and services on automatic updates. The risk of an unpatched vulnerability being actively exploited is way higher than the risk of a software update causing trouble.
However, sometimes a software update does cause trouble. This is uncommon and does not change the update strategy we recommend, but it happens. That's the case today.
Microsoft recently published a Windows Server patch that will cause domain controllers to fail and restart continuously. This applies to Windows Server versions 2012 R2 (patch KB5009624), 2019 (patch KB5009557) and 2022 (patch KB5009555). Oddly, 2016 is not impacted.
This issue can be identified with the following messages
If you are in this situation, you need to remove those updates. If your servers aren't updated yet, Microsoft has removed those patches from its servers for now.
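One way to check a server for the affected update and remove it, as an added example that is not Microsoft's or the author's own script. The KB numbers are the ones listed above; the `-Remove` switch and variable names are illustrative, and the script assumes an elevated PowerShell session on the server itself.

```powershell
# Added example: report whether the update named in the article for this
# Windows Server release is installed, and optionally uninstall it.
param([switch]$Remove)   # hypothetical switch: report only unless -Remove is given

# Release -> update, exactly as listed in the article (2016 is not affected).
$kbByRelease = [ordered]@{
    '2012 R2' = 'KB5009624'
    '2019'    = 'KB5009557'
    '2022'    = 'KB5009555'
}

$os = Get-CimInstance -ClassName Win32_OperatingSystem
$release = $kbByRelease.Keys |
    Where-Object { $os.Caption -like "*Server $_*" } |
    Select-Object -First 1

if (-not $release) {
    Write-Output "$($os.Caption): not one of the listed releases, nothing to check."
    return
}

$kb     = $kbByRelease[$release]
$isDc   = ($os.ProductType -eq 2)   # Win32_OperatingSystem.ProductType 2 = domain controller
$hotfix = Get-HotFix -Id $kb -ErrorAction SilentlyContinue

if (-not $hotfix) {
    Write-Output "$kb is not installed on $env:COMPUTERNAME."
    return
}

Write-Output "$kb is installed on $env:COMPUTERNAME (installed on: $($hotfix.InstalledOn); domain controller: $isDc)."

if ($Remove) {
    # wusa.exe expects the number without the 'KB' prefix and asks for confirmation.
    $number = $kb -replace '^KB', ''
    $proc = Start-Process -FilePath wusa.exe `
        -ArgumentList '/uninstall', "/kb:$number" -Wait -PassThru
    # 0 = success, 3010 = success but a restart is required.
    Write-Output "wusa.exe exit code: $($proc.ExitCode)"
}
```

Run it without `-Remove` first to inventory which servers carry the update, then with `-Remove` on the affected domain controllers.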