Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

June 27, 2017—KB4022720 (Preview of Monthly Rollup)


View products that this article applies to.

Improvements and fixes

This non-security update includes improvements and fixes that were a part of Monthly Rollup KB4022726 (released June 13, 2017) and also includes these new quality improvements as a preview of the next Monthly Rollup update:

  • Addressed issue where applications stop receiving SNMP traps after a random time. When this happens, no application can receive SNMP traps. A restart of the computer will temporarily resolve the issue.
  • Addressed issue to provide Server Message Block version 1 auditing on Windows Server 2012 R2.
  • Addressed issue where multiple tenant VMs reboot when one or more solid-state drives (SSDs) are removed from pool 1 of the Cloud Platform System (CPS) rack.
  • Addressed an issue where Internet Explorer and Microsoft Edge printing from a frame may result in 404 not found or blank page printed.
  • Addressed issue where certutil.exe can no longer generate an EPF file when attempting to recover a key for a version 1 certificate.
  • Addressed an issue where MPIO failover stops after a disk has been surprise removed, identified by Event ID 157: "Disk X has been surprised removed" when there are still viable paths to use. Scenario may occur when the newly selected path belongs to the disk that has been surprised removed.
  • Addressed issue where a server crash causes loss of access to files and requires full recoveries for mirrored data.

  • Addressed issue with NTFS error event, ID:55, that occurs when using Unified Write Filter in DISK mode.

  • Addressed issue where, when running ChkDsk on a volume that has several million files, ChkDsk may take several weeks to complete and appears to be stuck in Stage 3.

  • Updated the Access Point Name database.

  • Addressed issue where, when a system resumes from sleep, printers appear offline over Wi-Fi networks even though they are online. This occurs on Wi-Fi networks that are susceptible to dropped packets.

  • Addressed issue where a race condition causes an NFS server error (0x0000000A) when an NFS client mounts and unmounts an NFS share.

  • Addressed issue where stop error 0x50 may occur when querying the clients that are connected to a Network File System (NFS) in Windows Server 2012 R2.

  • Addressed issue where the svchost.exe process, which hosts the Remote Desktop gateway service, crashes. In the application log, application error 1000 occurs, and the faulting module points to c:\windows\system32\aaedge.dll. This restarts the Remote Desktop gateway service, which causes Remote Desktop connections to drop.

  • Addressed issue where intermittently, Remote Desktop sessions can stall on logoff when winlogon.exe is blocked waiting on DWM.exe. The blockage is due to a timing issue that halts DWM.exe. User sessions cannot be reused, and the Remote Desktop server must be rebooted to clear the stalled session(s).

  • Addressed issue about the Hyper-V integration service that causes users to lose network access when Accelerated Networking (single root I/O virtualization (SR-IOV)) is enabled on guest Virtual Machines (VM). The netvsc_vfpp protocol provides IO virtualization functionality for NICs that support SR-IOV. If the protocol is removed and multiple NICs are attached to a guest VM, network access is lost.

  • Addressed issue to update time zone information.

  • Updated IDNA table to support resolving the latest Unicode emoji characters from punycode.

  • Addressed issue with performance degradation when multiple clients connect to LDAP using SSL/certificate based authentication.

  • Addressed a reliability issue in Windows Search.

  • Addressed issue where CRM UI may hang when pressing the reply button in mail workflow.

  • Addressed issue where the Microsoft Standard NVM Express Driver (stornvme) incorrectly exposed inactive namespaces as disks to the OS. The OS cannot use inactive namespaces and they should not be exposed to the OS.

  • Added SMB1 access auditing on Windows Server 2012 R2.  The auditing will be disabled by default.  When it is enabled, an auditing event will be logged with the client address when an SMB1 client tries to connect to the server.  This is to allow customers to make an informed decision on SMB1 usage before disabling or removing SMB1 on Windows Server 2012 R2.  
     
     
    To enable SMB1 access auditing, run the following powershell cmdlet with the option below with elevated privileges:
    Set-SmbServerConfiguration -AuditSmb1Access $true

    To disable SMB1 access auditing, run  the followingpowershell cmdlet with the option below with elevated privileges:
    Set-SmbServerConfiguration -AuditSmb1Access $false

↑ Back to the top


Known issues in this update

Symptom Workaround

After you install this update, Internet Explorer 11 may close unexpectedly when you visit some websites. When the problem occurs, you may receive an error message that resembles the following:

We were unable to return you to [previous URL]
Internet Explorer has stopped trying to restore this website. It appears the website continues to have a problem.

The problem may occur if the website is complex and uses certain web API's.

This issue is resolved in July 11, 2017—KB4025336 (Monthly Rollup).
If an iSCSI target becomes unavailable, attempts to reconnect will cause a leak. Initiating a new connection to an available target will work as expected. Microsoft is researching this problem and will update this article when more information becomes available.
For more information about this issue, see the following section.
More information about the iSCSI issue

Windows Server 2012 R2 and Server 2016 computers that experience disconnections to iSCSI attached targets may show many different symptoms. These include, but are not limited to:

  • The operating system stops responding.
  • You receive Stop errors (Bugcheck errors) 0x80, 0x111, 0x1C8, 0xE2, 0x161, 0x00, 0xF4, 0xEF, 0xEA, 0x101, 0x133, or 0xDEADDEAD.
  • User log on failures occur together with a "No Logon Servers Available" error.
  • Application and service failures occur because of ephemeral port exhaustion.
  • An unusually high number of ephemeral ports are being used by the System process.
  • An unusually high number of threads are being used by the System process.

Cause

This issue is caused by a locking issue on Windows Server 2012 R2 and Windows Server 2016 RS1 computers, causing connectivity issues to the iSCSI targets. The issue can occur after installing any of the following updates:

Windows Server 2012 R2

Release date

KB

Article title

May 16, 2017

KB 4015553

April 18, 2017—KB4015553 (Preview of Monthly Rollup)

May 9, 2017

KB 4019215

May 9, 2017—KB4019215 (Monthly Rollup)

May 9, 2017

KB 4019213

May 9, 2017—KB4019213 (Security-only update)

April 18, 2017

KB 4015553

April 18, 2017—KB4015553 (Preview of Monthly Rollup)

April 11, 2017

KB 4015550

April 11, 2017—KB4015550 (Monthly Rollup)

April 11, 2017

KB 4015547

April 11, 2017—KB4015547 (Security-only update)

March 21, 2017

KB 4012219

March 2017 Preview of Monthly Quality Rollup for Windows 8.1 and Windows Server 2012 R2

Windows Server 2016 RTM (RS1)

Release date

KB

Article title

May 16, 2017

KB 4023680

May 26, 2017—KB4023680 (OS Build 14393.1230)

May 9, 2017

KB 4019472

May 9, 2017—KB4019472 (OS Build 14393.1198)

April 11, 2017

KB 4015217

April 11, 2017—KB4015217 (OS Build 14393.1066 and 14393.1083)


Verification

  • Verify the version of the following MSISCSI driver on the system:

    c:\windows\system32\drivers\msiscsi.sys

    The version that will expose this behavior is 6.3.9600.18624 for Windows Server 2012 R2 and version 10.0.14393.1066 for Windows Server 2016.
  • The following events are logged in the System log:

    Event source

    ID

    Text

    iScsiPrt

    34

    A connection to the target was lost, but the Initiator successfully reconnected to the target. Dump data contains the target name.

    iScsiPrt

    39

    The Initiator sent a task management command to reset the target. The target name is given in the dump data.

    iScsiPrt

    9

    Target did not respond in time for a SCSI request. The CDB is given in the dump data.

  • Review the number of threads that are running under the System process, and compare this to a known working baseline.
  • Review the number of handles that are currently opened by the System process, and compare this to a known working baseline.
  • Review the number of ephemeral ports that are being used by the System process.
  • From an administrative Powershell, run the following command:

    Get-NetTCPConnection | Group-Object -Property State, OwningProcess | Sort Count

    Or, from an administrative CMD prompt, run the following NETSTAT command together with the "Q" switch. This shows "bound" ports that are no longer connected:

    NETSTAT –ANOQ

    Focus on ports that are owned by the SYSTEM process.

    For the three previous points, anything more than 12,000 should be considered suspect. If iSCSI targets are present in the computer, there is high probability that the issue will occur.

Resolution

If the event logs indicate that many reconnections are occurring, work with your iSCSI and network fabric vendor to help diagnose and correct the reason for the failure to maintain connections to iSCSI targets. Make sure that iSCSI targets can be accessed over the current network fabric. Install updated fixes when they become available. This article will be updated with the specific KB article number of the fix to install when it becomes available.

Note We do not recommend that you uninstall any of the March, April, May, or June security rollups. Doing so will expose the computers to known security exploits and other bugs that are mitigated by monthly updates. We recommend that you first work with iSCSI target and network vendors to resolve the connectivity issues that are triggering target reconnects.

Collapsible element body

 

↑ Back to the top


How to get this update

This is provided as an Optional update on Windows Update. For more information about how to run Windows Update, see How to get an update through Windows Update. To get the stand-alone package for this update, go to the Microsoft Update Catalog website.

↑ Back to the top


Prerequisites

You must have the following update installed:

2919355 Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 update: April 2014

↑ Back to the top


Keywords: update, windows 8.1 update, windows server 2012 R2 update

↑ Back to the top

Article Info
Article ID : 4022720
Revision : 63
Created on : 11/17/2017
Published on : 11/17/2017
Exists online : False
Views : 694

Minor Releases