Full Report
Microsoft has fixed a known issue that caused problems with Remote Desktop and RDS connections after installing Windows updates released since January 2025. [...]
Analysis Summary
# Vulnerability: Remote Desktop Service Instability Following Windows/Server Updates
## CVE Details
- CVE ID: Not explicitly detailed in the provided text. This appears to be a widespread functional instability issue caused by updates, not a specific security CVE.
- CVSS Score: Not applicable/Not provided.
- CWE: Not applicable/Not provided (Functional Issue, not a classic vulnerability).
## Affected Systems
- Products: Windows 11 (specifically 24H2 mentioned), Windows Server 2025.
- Versions: Systems running Windows 11 24H2, Windows Server 2025 after installing certain cumulative updates (including those released since February 2025 Patch Tuesday).
- Configurations: Systems utilizing Remote Desktop services.
## Vulnerability Description
The provided text describes functional issues rather than specific security vulnerabilities. These issues include:
1. Remote Desktop service (RDP) freezing on Windows Server 2025 systems after installing certain updates released since February 2025. This issue also affected Windows 11 24H2 systems.
2. Connection errors on Windows 11 24H2 systems when attempting to restore data from Veeam Backup & Replication servers or SMB network shares after applying updates.
3. USB printer issues causing random text printing artifacts after installing updates released since late January 2025.
## Exploitation
- Status: Not applicable (These are functional failures/bugs, not security exploits).
- Complexity: Not applicable.
- Attack Vector: Not applicable.
## Impact
- Confidentiality: Low (Indirect impact possible if stability issues affect critical operation).
- Integrity: Medium (Impacts system integrity through functional failures).
- Availability: High (RDP freezing/connection errors directly impacts system availability and administrative access).
## Remediation
### Patches
- **Windows Server 2025/Windows 11 (RDP Freezing Issue):** The issue on Windows 11 24H2 was resolved with the optional update **KB5052093** (released February 25). The fix for Server 2025 will roll out with a future Windows update.
- **General Fix for Pending RDP Issue:** Microsoft provided a fix via the **KB5053656 preview update** for Windows 11 2025 users to address existing RDP instability issues. This fix will be generally available in the next month's cumulative updates.
- **Veeam/SMB Connection Errors (Win 11 24H2):** Microsoft is actively investigating/working on a fix in collaboration with Veeam.
- **USB Printer Issues:** Fixed by updates released subsequent to the January 2025 updates.
### Workarounds
- For enterprise-managed devices awaiting the general fix for pending RDP issues, administrators can deploy the fix using a **Known Issue Rollback group policy**.
## Detection
- Indicators of Compromise: System logs showing repeated RDP connection failures, service crashes, or unexpected behavior post-update installation. Monitoring for RDP session instability or freezes.
- Detection methods and tools: Standard system monitoring tools; Event Viewer logs related to RDP/Terminal Services.
## References
- Vendor advisories: Microsoft Know Issues documentation regarding RDP instability on Server 2025 and Windows 11 24H2.
- Relevant links - defanged:
- hxxps://www.bleepingcomputer.com/news/microsoft/windows-11-kb5053656-update-released-with-38-changes-and-fixes/
- hxxps://www.bleepingcomputer.com/news/microsoft/microsoft-recent-windows-updates-cause-remote-desktop-issues/
- hxxps://support.microsoft.com/en-us/topic/february-25-2025-kb5052093-os-build-26100-3323-preview-053856ea-f984-4bdb-866c-5f356f5a451b
- hxxps://www.bleepingcomputer.com/news/microsoft/recent-windows-server-2025-updates-cause-remote-desktop-freezes/
- hxxps://www.bleepingcomputer.com/news/microsoft/windows-11-update-breaks-veeam-recovery-causes-connection-errors/
- hxxps://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-printing-issues-caused-by-january-windows-updates/