KB972260 disabling LAN and Wi-Fi connections

On Monday (24th August 09) we updated our Windows Server with the latest Windows updates and all seemed fine until today when none of our PCs, mobile devices or laptops could connect to the network or the Internet.
Note: Suprisingly Skype was working but we had no Outlook, server or browser capability. After a little bit of investigation we found out why our LAN and Wi-Fi wasn’t working. KB972260 was responsible. The problem was caused by Extended Protection for Authentication (EPA) being enabled. EPA is designed to enhance the protection and handling of credentials when authenticating network connections by using Integrated Windows Authentication (IWA). Our office router PPP Authentication and custom settings were also removed, so we had to reset the router back to the original manfacturer configuration.
We also noticed that Microsoft says you have to enable the EPA by making some changes to Windows Registry – obviously this isn’t completely true as the EPA was in fact enabled by default.
Our solution was to:
  • Remove* KB972260 and;
  • Remove* KB968389
  • Reboot the server and that should be that
*use ‘Add or Remove Programs’ from the ‘Control Panel’

Microsoft have indicated they are aware of the problem and have suggested both home users and Admins to remove the offending updates. They also suggest that users and Admins block the updates from appearing again. A Hotfix should be available for KB972260 in due course.
Update: An additional problem we encountered was the loss of remote workspace and VPN. We removed Microsoft Security Updates: KB973815; KB969883; KB958469; KB960859 as these were known RAS/VPN issues. We also allowed on the router DMZ “PPTP” for VPN and “Remote Web Workspace” for RAS as the KB972260 update had reset the DMZ to ‘block all’. Lastly we checked ports 443 and 4125 were open. Remote office is now back and fully functioning.
Home users and SBS Admins should beware this little creeper.
Safe surfing folks!
This entry was posted in malware, windows. Bookmark the permalink.

One Response to KB972260 disabling LAN and Wi-Fi connections

  1. Anonymous says:

    Can anyone recommend the robust RMM utility for a small IT service company like mine? Does anyone use Kaseya.com or GFI.com? How do they compare to these guys I found recently: N-able N-central remote management
    ? What is your best take in cost vs performance among those three? I need a good advice please… Thanks in advance!

Leave a Reply

Your email address will not be published. Required fields are marked *