KB972260 disabling LAN and Wi-Fi connections
On Monday (24th August 09) we updated our Windows Server with the latest Windows updates and all seemed fine until today when none of our PCs, mobile devices or laptops could connect to the network or the Internet.
Note: Suprisingly Skype was working but we had no Outlook, server or browser capability. After a little bit of investigation we found out why our LAN and Wi-Fi wasn’t working. KB972260 was responsible. The problem was caused by Extended Protection for Authentication (EPA) being enabled. EPA is designed to enhance the protection and handling of credentials when authenticating network connections by using Integrated Windows Authentication (IWA). Our office router PPP Authentication and custom settings were also removed, so we had to reset the router back to the original manfacturer configuration.
We also noticed that Microsoft
says you have to enable the EPA by making some changes to Windows Registry – obviously this isn’t completely true as the EPA was in fact enabled by default.
Our solution was to:
- Remove* KB972260 and;
- Remove* KB968389
- Reboot the server and that should be that
*use ‘Add or Remove Programs’ from the ‘Control Panel’
Microsoft have indicated they are aware of the problem and have suggested both home users and Admins to remove the offending updates. They also suggest that users and Admins block the updates from appearing again. A Hotfix should be available for KB972260 in due course.
Update: An additional problem we encountered was the loss of remote workspace and VPN. We removed Microsoft Security Updates: KB973815; KB969883; KB958469; KB960859 as these were known RAS/VPN issues. We also allowed on the router DMZ “PPTP” for VPN and “Remote Web Workspace” for RAS as the KB972260 update had reset the DMZ to ‘block all’. Lastly we checked ports 443 and 4125 were open. Remote office is now back and fully functioning.
Home users and SBS Admins should beware this little creeper.
Safe surfing folks!
This entry was posted in malware
. Bookmark the permalink