Windows Updates, ReFS, VPNs, and why backups are important
January is usually a quiet month, with many of us recovering from the holiday season. Not at Microsoft, however, as they have been busy patching and putting out fires caused by the January 11th update. As The Register notes, this update came with a host of issues for users that performed the update:
“Hyper-V gave up the ghost and domain controllers experienced surprise restarts. The perhaps inappropriately named Windows Resilient File System (ReFS) also had problems following the update, which left volumes inaccessible for some users.”
Following the update, many users attempted to connect to VPNs, only to receive an error message. The Register also notes that these errors occurred on a wide variety of Operating Systems:
“Other users reported problems with VPN connections on Windows versions from the 2015 LTSB edition right up to Windows 11”
These issues were not exclusive to one network protocol either, affecting VPNs using L2TP, IPSEC, and IPSEC IKE, as shown by the ‘Known Issues and notifications’ documentation for the affected Operating Systems:
“IP Security (IPSEC) connections which contain a Vendor ID might fail. VPN connections using Layer 2 Tunneling Protocol (L2TP) or IP security Internet Key Exchange (IPSEC IKE) might also be affected.”
With many people still working remotely, and a variety of Operating Systems and VPN network protocols affected, the issue was widespread. This presented a logistical challenge to IT admins, as they would need to troubleshoot the error with potentially limited access to the systems affected. This would have a negative impact on productivity, with many people unable to access work resources until the error was resolved.
Although the update presented a variety of issues for users, we will focus on the issue accessing ReFS (Resilient File System) volumes. Originally introduced with Windows Server 2012, ReFS was planned to have a gradual roll out to client Operating Systems. However, Microsoft later removed easy ReFS volume creation from Windows 10 in the Windows 10 2017 Fall Creators Update. As a result, ReFS volumes are overwhelmingly found on Server Operating Systems. The update rendered many users unable to access their ReFS formatted volumes, as they appeared as RAW instead of formatted with ReFS. RAW partitions in Windows generally occur when the file system is no longer recognised. This often indicates file system corruption and potential data loss. As noted by The Verge, this issue could have potentially led to users reformatting their partitions in the belief that the file system was corrupted:
“Should the ReFS issue have not been addressed any sooner by Microsoft, they might have believed the drives were faulty, then tried reformatting to NTFS and losing the data”
Luckily, in this case, uninstalling KB5009557 enabled the volumes to be accessed again, although it is important to note that File system drivers are a critical part of Windows, and it is alarming to see a bug in this area. Ensuring that these ReFS volumes are being backed up regularly can mitigate the large amounts of worry that occurs when your volumes show as RAW. Even if the file system was corrupted, a recent backup could be restored to prevent data loss. Macrium Reflect Server and Server plus editions both fully support the ReFS file system.
These server ReFS volumes being unavailable for an undetermined period of time could also cause considerable down time. Macrium viBoot can be used to instantly create a virtual machine using one or more Macrium Image files. Using viBoot, you can instantly create a virtual machine using an image of the server Operating System, and attach the image of the ReFS disk. The end result is a virtual machine that takes the place of the physical machine while you troubleshoot the issue further, reducing the amount of downtime. Check out this Knowledge base article for more information about using Macrium viBoot.
Although the issues that were created by the January 11, 2020 update were swiftly resolved, it acts as a stark reminder that data disasters can happen at any time. With Windows’ chequered history of updates, it is important to be protected, and creating regular backups before a disaster occurs, can help mitigate the impact. Creating an incremental backup before performing a Windows update can give you the peace of mind that in the event of a disastrous update, the system can be restored to a point in time before the update was performed.
If you’d like to learn more about the Microsoft out-of-band update to fix these issues, click here to read more.