Microsoft has released a fix to fix the fix for NTLM traffic spikes on Windows Server 2019 after the original fix failed to install on some devices where Windows was not set to English language.
The NTLM (New Technology LAN Manager) problem started after the April 2024 update and caused a spike in NTLM traffic on some domain controllers. At the time, Microsoft said: “This issue is likely to affect organizations that have a very small percentage of primary domain controllers in their environment and high NTLM traffic.”
The Windows giant dealt with the problem in KB5037765, released on May 14, 2024.
Except it didn’t. Users began reporting problems with the patch, and Microsoft admitted: “Windows devices attempting to install this update might face issues during the installation process. The installation might fail with an error code 0x800f0982. This issue is more likely to affect devices that do not have the English (United States) language pack.”
The upshot is that Microsoft has had to rush out an Out-of-band update, KB5039705, that will fix the previous fix.
While Microsoft said, “This update addresses a known issue that is related to the English (United States) language pack,” it also noted, “This issue might affect devices that do have that language pack. In that case, the error code is 0x80004005.”
There aren’t any new security updates in the latest patch, but administrators should brace themselves: “After you install this OOB, you must restart [Microsoft’s emphasis] your device” because it is 2024 and of course you need to reboot your server after an update.
Microsoft also confirmed that, along with Server 2019, some users of Windows 10 1809 have encountered issues. However, it pointed out that users of that version’s Home and Pro editions were unlikely to have a problem since those reached the end of servicing in 2020.
Enterprise and IoT LTSC versions will reach the end of extended support on Jan 9, 2029.
Microsoft also said: “If your organization uses the affected platforms and hasn’t yet deployed the May 2024 security update yet, we recommend you apply this OOB update instead.” ®