Windows Server

Microsoft has confirmed that Windows Server updates from last month’s Patch Tuesday break some Microsoft 365 Defender features that use the network data reporting service.

Redmond describes Microsoft 365 Defender (now known as Defender XDR) as a pre-and post-breach enterprise defense suite that helps coordinate detection, prevention, investigation, and response across an organization’s endpoints, identities, email, and applications.

“Devices which have installed Windows Server updates released June 11, 2024 (KB5039227) might experience problems with Microsoft 365 Defender,” the company explained on the Windows Server health dashboard.

“The Network Detection and Response (NDR) service might encounter issues, resulting in an interruption of network data reporting.”

The known issue (first acknowledged on Friday) only affects Windows Server 2022 systems and will also prevent additional Defender features relying on the NDR service to collect data (like Incident Response and Device Inventory) to work correctly, while others (including Vulnerability Management and Cloud Apps) will be unaffected.

Admins can confirm that systems on their Windows network are impacted by checking the service health page in the Microsoft 365 admin center for new alerts.

Redmond says its engineers are working on a fix, and further information will be provided in an upcoming update.

Other issues with recent Windows Server updates

The company also released an out-of-band update (KB50410540) to fix a KB5039227 bug that caused Azure Synapse SQL Serverless Pool databases on cloud-based SQL servers to go on a “Recovery pending” state. This known issue affects environments using Customer-Managed Key (CMK) and Azure Synapse dedicated SQL pool.

Microsoft is also fixing a third issue caused by KB5039227, which prevents users from changing their account profile pictures.

“When attempting to change a profile picture by selecting the button Start> Settings > Account > Your info and, under Create your picture, clicking on Browse for one, you might receive an error message with error code 0x80070520,” Redmond explains.

Another emergency fix was pushed to Windows Server 2019 systems in May to address a bug causing 0x800f0982 errors when installing the May 2024 Patch Tuesday security updates.

The same month, Microsoft also fixed known issues that broke VPN connections across client and server platforms, triggered domain controller reboots, and caused NTLM authentication failures after installing April’s Windows Server security updates.

Source: www.bleepingcomputer.com