Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. May 16, 2017—KB4019217 (Preview of Monthly Rollup)

May 16, 2017—KB4019217 (Preview of Monthly Rollup)

View products that this article applies to.

Improvements and fixes

This non-security update includes improvements and fixes that were a part of Monthly Rollup KB4019215 (released May 9, 2017) and also includes these new quality improvements as a preview of the next Monthly Rollup update:

  • Addressed issue related to establishing a secure connection to a server using the TLS protocol. The application may hang when the server certificate specifies a secure URL (HTTPS) for the Certificate Revocation List (CRL) or for the Authority Information Access (AIA) values within the certificate.
  • Addressed issue where changing your password while not directly connected to the enterprise network, such as with a VPN, will cause your private keys to become inaccessible. Symptoms vary including the inability to encrypt/decrypt or sign documents.
  • Addressed issue where performing a factory reset fails because a new authenticated variable that was added to the firmware cannot be deleted during factory reset. When the factory reset encounters this variable, it gets an error and does not complete the reset.
  • Addressed issue where users may experience slow logons when logging on to Windows Server 2012 R2 servers that have a high amount of open connections. The issue is caused by the collection of bandwidth statistics on the open connections for the processing of group policy.
  • Addressed issue where the Server Message Block 3.0’s Continuous Availability feature degrades software performance when the FindFirstFileEx() function receives a path that ends with ".." or ".".
  • Addressed issue where the Common Log File System references an invalid parameter when users create new folders and new tasks using Task Scheduler, which generates Stop Error 0x24.
  • Addressed issue where removable devices do not work as expected after applying KB3179574 and when auditing of removable devices is enabled.
  • Addressed issue where a Virtual Machine sporadically loses its network connection completely.
  • Addressed issue where Windows Event Forwarding between two 2012 R2 servers makes reports incompatible with third-party Security Information and Event Management software.
  • Addressed an issue where LSASS consumes large amounts of memory on 2012 R2 Domain Controllers during a security descriptor propagation operation. This issue occurs when a security descriptor change is made on a root object with lots of descendants. Additionally, Applies To is set to "This object and all descendant objects."
  • Addressed issue where Work Folders clients using token broker do not work (“Access denied” error) when using an Active Directory Federation Services Server 2012 R2.

↑ Back to the top

Known issues in this update

Symptom  Workaround
If the PC uses an AMD Carrizo DDR4 processor, installing this update will block downloading and installing future Windows updates. This issue is resolved by KB4022726.
If a Server 2012 R2 system uses an Intel Xeon (E3 v6) family of processors, installing this update will block downloading and installing future Windows updates. This issue is resolved by KB4022726.
 
This update introduced an issue in which, if an iSCSI target becomes unavailable, attempts to reconnect will cause a leak. Initiating a new connection to an available target will work as expected. Microsoft is working on a resolution and will provide an update in an upcoming release. For more information about this issue, see the following section.
More information about the iSCSI issue

Windows Server 2012 R2 and Server 2016 computers that experience disconnections to iSCSI attached targets may show many different symptoms. These include, but are not limited to:

  • The operating system stops responding
  • You receive Stop errors (Bugcheck errors) 0x80, 0x111, 0x1C8, 0xE2, 0x161, 0x00, 0xF4, 0xEF, 0xEA, 0x101, 0x133, or 0xDEADDEAD.
  • User log on failures occur together with a "No Logon Servers Available" error.
  • Application and service failures occur because of ephemeral port exhaustion.
  • An unusually high number of ephemeral ports are being used by the System process.
  • An unusually high number of threads are being used by the System process.

Cause

This issue is caused by a locking issue on Windows Server 2012 R2 and Windows Server 2016 RS1 computers, causing connectivity issues to the iSCSI targets. The issue can occur after installing any of the following updates:

Windows Server 2012 R2

Release date

KB

Article title

May 16, 2017

KB 4015553

April 18, 2017—KB4015553 (Preview of Monthly Rollup)

May 9, 2017

KB 4019215

May 9, 2017—KB4019215 (Monthly Rollup)

May 9, 2017

KB 4019213

May 9, 2017—KB4019213 (Security-only update)

April 18, 2017

KB 4015553

April 18, 2017—KB4015553 (Preview of Monthly Rollup)

April 11, 2017

KB 4015550

April 11, 2017—KB4015550 (Monthly Rollup)

April 11, 2017

KB 4015547

April 11, 2017—KB4015547 (Security-only update)

March 21, 2017

KB 4012219

March 2017 Preview of Monthly Quality Rollup for Windows 8.1 and Windows Server 2012 R2

Windows Server 2016 RTM (RS1) 

Release date

KB

Article title

May 16, 2017

KB 4023680

May 26, 2017—KB4023680 (OS Build 14393.1230)

May 9, 2017

KB 4019472

May 9, 2017—KB4019472 (OS Build 14393.1198)

April 11, 2017

KB 4015217

April 11, 2017—KB4015217 (OS Build 14393.1066 and 14393.1083)


Verification

  • Verify the version of the following MSISCSI driver on the system:

    c:\windows\system32\drivers\msiscsi.sys

    The version that will expose this behavior is 6.3.9600.18624 for Windows Server 2012 R2 and version 10.0.14393.1066 for Windows Server 2016.
  • The following events are logged in the System log:

    Event source

    ID

    Text

    iScsiPrt

    34

    A connection to the target was lost, but the Initiator successfully reconnected to the target. Dump data contains the target name.

    iScsiPrt

    39

    The Initiator sent a task management command to reset the target. The target name is given in the dump data.

    iScsiPrt

    9

    Target did not respond in time for a SCSI request. The CDB is given in the dump data.
  • Review the number of threads that are running under the System process, and compare this to a known working baseline.
  • Review the number of handles that are currently opened by the System process, and compare this to a known working baseline.
  • Review the number of ephemeral ports that are being used by the System process.
  • From an administrative Powershell, run the following command:

    Get-NetTCPConnection | Group-Object -Property State, OwningProcess | Sort Count

    Or, from an administrative CMD prompt, run the following NETSTAT command together with the "Q" switch. This shows "bound" ports that are no longer connected:

    NETSTAT –ANOQ

    Focus on ports that are owned by the SYSTEM process.

    For the three previous points, anything more than 12,000 should be considered suspect. If iSCSI targets are present in the computer, there is high probability that the issue will occur.

Resolution

If the event logs indicate that many reconnections are occurring, work with your iSCSI and network fabric vendor to help diagnose and correct the reason for the failure to maintain connections to iSCSI targets. Make sure that iSCSI targets can be accessed over the current network fabric. Install updated fixes when they become available. This article will be updated with the specific KB article number of the fix to install when it becomes available.

Note We do not recommend that you uninstall any of the March, April, May, or June security rollups. Doing so will expose the computers to known security exploits and other bugs that are mitigated by monthly updates. We recommend that you first work with iSCSI target and network vendors to resolve the connectivity issues that are triggering target reconnects.

↑ Back to the top

How to get this update

This is provided as an Optional update on Windows Update. For more information about how to run Windows Update, see How to get an update through Windows Update. To get the stand-alone package for this update, go to the Microsoft Update Catalog website.

  • Prerequisites
    To apply this update, you must have the Windows 8.1 and Windows Server 2012 R2 update from April 2014, KB2919355, installed.
  • File information
    For a list of the files that are provided in this update, download the file information for update 4019217

↑ Back to the top

Keywords: security, windows update, windows 8.1, windows server 2012 r2

↑ Back to the top

Article Info
Article ID : 4019217
Revision : 29
Created on : 8/22/2018
Published on : 8/22/2018
Exists online : False
Views : 551

Major Release

Windows 8.1 and Windows Server 2012 R2 update history

Minor Releases

October 13, 2020—KB4580347 (Monthly Rollup)
October 13, 2020—KB4580358 (Security-only update)
September 8, 2020—KB4577066 (Monthly Rollup)
September 8, 2020—KB4577071 (Security-only update)
August 11, 2020—KB4571703 (Monthly Rollup)
August 11, 2020—KB4571723 (Security-only update)
July 14, 2020—KB4565540 (Security-only update)
July 14, 2020—KB4565541 (Monthly Rollup)
June 9, 2020—KB4561666 (Monthly Rollup)
June 9, 2020—KB4561673 (Security-only update)
May 12, 2020—KB4556846 (Monthly Rollup)
May 12, 2020—KB4556853 (Security-only update)
April 21, 2020—KB4550958 (Preview of Monthly Rollup)
April 14, 2020—KB4550961 (Monthly Rollup)
April 14, 2020—KB4550970 (Security-only update)
March 17, 2020—KB4541334 (Preview of Monthly Rollup)
March 10, 2020—KB4541505 (Security-only update)
March 10, 2020—KB4541509 (Monthly Rollup)
February 25, 2020—KB4537819 (Preview of Monthly Rollup)
February 11, 2020—KB4537803 (Security-only update)
February 11, 2020—KB4537821 (Monthly Rollup)
January 23, 2020—KB4534324 (Preview of Monthly Rollup)
January 14, 2020—KB4534297 (Monthly Rollup)
January 14, 2020—KB4534309 (Security-only update)
December 10, 2019—KB4530702 (Monthly Rollup)
December 10, 2019—KB4530730 (Security-only update)
November 19, 2019—KB4525252 (Preview of Monthly Rollup)
November 12, 2019—KB4525243 (Monthly Rollup)
November 12, 2019—KB4525250 (Security-only update)
October 15, 2019—KB4520012 (Preview of Monthly Rollup)
October 8, 2019—KB4519990 (Security-only update)
October 8, 2019—KB4520005 (Monthly Rollup)
October 3, 2019—KB4524156 (Monthly Rollup)
September 24, 2019—KB4516041 (Preview of Monthly Rollup)
September 10, 2019—KB4516064 (Security-only update)
September 10, 2019—KB4516067 (Monthly Rollup)
August 17, 2019—KB4512478 (Preview of Monthly Rollup)
August 13, 2019—KB4512488 (Monthly Rollup)
August 13, 2019—KB4512489 (Security-only update)
July 16, 2019—KB4507463 (Preview of Monthly Rollup)
July 9, 2019—KB4507448 (Monthly Rollup)
July 9, 2019—KB4507457 (Security-only update)
June 20, 2019—KB4503283 (Preview of Monthly Rollup)
June 11, 2019—KB4503276 (Monthly Rollup)
June 11, 2019—KB4503290 (Security-only update)
May 23, 2019—KB4499182 (Preview of Monthly Rollup)
May 14, 2019—KB4499151 (Monthly Rollup)
May 14, 2019—KB4499165 (Security-only update)
April 25, 2019—KB4493443 (Preview of Monthly Rollup)
April 9, 2019—KB4493446 (Monthly Rollup)
April 9, 2019—KB4493467 (Security-only update)
March 19, 2019—KB4489893 (Preview of Monthly Rollup)
March 12, 2019—KB4489881 (Monthly Rollup)
March 12, 2019—KB4489883 (Security-only update)
February 19, 2019—KB4487016 (Preview of Monthly Rollup)
February 12, 2019—KB4487000 (Monthly Rollup)
February 12, 2019—KB4487028 (Security-only update)
January 15, 2019—KB4480969 (Preview of Monthly Rollup)
January 8, 2019—KB4480963 (Monthly Rollup)
January 8, 2019—KB4480964 (Security-only update)
December 11, 2018—KB4471320 (Monthly Rollup)
December 11, 2018—KB4471322 (Security-only update)
November 27, 2018—KB4467695 (Preview of Monthly Rollup)
November 13, 2018—KB4467697 (Monthly Rollup)
November 13, 2018—KB4467703 (Security-only update)
October 18, 2018—KB4462921 (Preview of Monthly Rollup)
October 9, 2018—KB4462926 (Monthly Rollup)
October 9, 2018—KB4462941 (Security-only update)
September 20, 2018—KB4457133 (Preview of Monthly Rollup)
September 11, 2018—KB4457129 (Monthly Rollup)
September 11, 2018—KB4457143 (Security-only update)
August 30, 2018—KB4343891 (Preview of Monthly Rollup)
August 14, 2018—KB4343888 (Security-only update)
August 14, 2018—KB4343898 (Monthly Rollup)
July 18, 2018—KB4338831 (Preview of Monthly Rollup)
July 10, 2018—KB4338815 (Monthly Rollup)
July 10, 2018—KB4338824 (Security-only update)
June 21, 2018—KB4284863 (Preview of Monthly Rollup)
May 17, 2018—KB4103724 (Preview of Monthly Rollup)
May 8, 2018—KB4103715 (Security-only update)
May 8, 2018—KB4103725 (Monthly Rollup)
April 10, 2018—KB4093114 (Monthly Rollup)
March 22, 2018—KB4088882 (Preview of Monthly Rollup)
March 13, 2018—KB4088876 (Monthly Rollup)
March 13, 2018—KB4088879 (Security-only update)
February 13, 2018—KB4074594 (Monthly Rollup)
February 13, 2018—KB4074597 (Security-only update)
January 17, 2018—KB4057401 (Preview of Monthly Rollup)
January 8, 2018—KB4056895 (Monthly Rollup)
January 3, 2018—KB4056898 (Security-only update)
December 12, 2017—KB4054519 (Monthly Rollup)
December 12, 2017—KB4054522 (Security-only update)
November 27, 2017—KB4050946 (Preview of Monthly Rollup)
November 14, 2017—KB4048958 (Monthly Rollup)
November 14, 2017—KB4048961 (Security-only update)
October 17, 2017—KB4041685 (Preview of Monthly Rollup)
October 10, 2017—KB4041687 (Security-only update)
October 10, 2017—KB4041693 (Monthly Rollup)
September 19, 2017—KB4038774 (Preview of Monthly Rollup)
September 12, 2017—KB4038792 (OS Build Monthly Rollup)
September 12, 2017—KB4038793 (Security-only update)
August 15, 2017—KB4034663 (Preview of Monthly Rollup)
August 8, 2017—KB4034672 (Security-only update)
August 8, 2017—KB4034681 (Monthly Rollup)
July 18, 2017—KB4025335 (Preview of Monthly Rollup)
July 11, 2017—KB4025333 (Security-only update)
July 11, 2017—KB4025336 (Monthly Rollup)
June 27, 2017—KB4022720 (Preview of Monthly Rollup)
June 13, 2017—KB4022717 (Security-only update)
June 13, 2017—KB4022726 (Monthly Rollup)
May 16, 2017—KB4019217 (Preview of Monthly Rollup)
May 9, 2017—KB4019213 (Security-only update)
May 9, 2017—KB4019215 (Monthly Rollup)
April 18, 2017—KB4015553 (Preview of Monthly Rollup)
April 11, 2017—KB4015547 (Security-only update)
April 11, 2017—KB4015550 (Monthly Rollup)
March 21, 2017—KB4012219 (Preview of Monthly Rollup)