AskWoody Plus Alert Logo
ISSUE 19.02.1 • 2022-01-12
MS-DEFCON 1: Business patchers be on alert


By Susan Bradley

For those running a network with a domain controller, the side effects this month are extreme. Don’t patch.

MS-DEFCON 1 is a very rare occurrence. When I raise the level that high, it’s because I’m seeing critical issues with patches.

Microsoft has a technology called Active Directory that allows workstations to authenticate with a “domain controller.” This month’s updates are causing such drastic issues with domain controllers that they can become stuck in a boot loop. That is definitely an MS-DEFCON 1 condition. You should not release patches.

Patches that can cause problems include the following:

It’s unclear if Server 2022 is similarly impacted. I am looking in to the matter.

VPN side effects

I’m also tracking issues with the interaction of Windows updates and Virtual Private Network software. Mind you, I don’t see this with consumer-style VPN applications. It’s only with business solutions that use a specific type of protocol called L2TP VPN. As of this moment, there is no workaround except not installing this months updates. Whether the ultimate fix will come from Microsoft or the VPN software vendors is not yet known.

Consumer and home users

If you have already installed patches on your DESKTOP computers, don’t panic. I’ve installed this month’s updates on my own personal computer and suffered no side effects. If you’ve already installed them and, like me, have no problems, you’re probably safe. However, if you have not yet installed this month’s updates, I recommend being a prudent patcher and delaying until I bring the MS-DEFCON level down.

It seems very clear that businesses with Microsoft domain controllers are at greatest risk. Of course, if you’re an advanced home user and happen to be running a domain controller, pretend you’re a business and take notice.

Business users

I strongly recommend that you do not install domain controller updates until more is known about the problem. For now, the number or reports I’ve seen is sufficient to warrant raising the MS-DEFCON level.

Expect more guidance on this matter in next week’s Plus newsletter.



Talk Bubbles Join the conversation! Your questions, comments, and feedback
about this topic are always welcome in our forums!

Susan Bradley is the publisher of the AskWoody newsletters.

The AskWoody Newsletters are published by AskWoody Tech LLC, Fresno, CA USA.

Your subscription:

Microsoft and Windows are registered trademarks of Microsoft Corporation. AskWoody,, Windows Secrets Newsletter,, WinFind, Windows Gizmos, Security Baseline, Perimeter Scan, Wacky Web Week, the Windows Secrets Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of AskWoody Tech LLC. All other marks are the trademarks or service marks of their respective owners.

Copyright ©2022 AskWoody Tech LLC. All rights reserved.