this post was submitted on 01 May 2024
154 points (77.5% liked)

Technology

59091 readers
3545 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
all 50 comments
sorted by: hot top controversial new old
[–] [email protected] 154 points 6 months ago (2 children)

PCWorld:

Microsoft’s latest Windows update breaks VPNs, and there’s no fix

What Microsoft actually said:

Windows devices might face VPN connection failures after installing the April 2024 security update, or KB5036893. We are working on a resolution and will provide an update in an upcoming release

I'm so fed up with everyone trying to make a quick buck on our constant struggle to stay safe.

[–] [email protected] 35 points 6 months ago* (last edited 6 months ago)

The reality is that it broke "something* in certain lpt2/ipsec connections using certain authentication protocols, although they haven't yet specified which particular connection technologies are affected.

However this does not mean that a blanket affect of ALL VPN connection not working is an issue.

So far we are unaffected on clients using ipsec and PAP protocol authentication, nor connections using Anyconnect (aka Cisco Secure Connect).

I have also not seen any affect on private VPN clients such as PIA or Nord on machines that have this update.

I suspect what broke was clients using MSChap, Microsoft's own protocol for authentication for VPN clients.

Source: an admin with 200+ client machines with VPN connections that are not impacted after installing this update.

[–] [email protected] 10 points 6 months ago

absolutely bonkers take

[–] [email protected] 70 points 6 months ago (4 children)

I dunno man. I'm convinced that pretty much any mention of VPN these days is just an ad for vpns. That's with this article looks like.

[–] [email protected] 42 points 6 months ago (1 children)

Yeah, you're not wrong that the article kinda sets itself up for the "lookit our recommended VPNs" pitch.

There's no way Microsoft would purposefully disable VPNs from working. I can guarantee that they require VPNs for thousands of roles in the company, let alone breaking it for government agencies that require VPNs, etc.

It is good to know that a specific update can break something ahead of time, though. Then at least you can avoid it.

[–] [email protected] 16 points 6 months ago

There's no way Microsoft would purposefully disable VPNs from working

No, but they've done it accidentally before.

One time a few years ago it broke all LT2P VPN's unless you removed a specific KB########.

IIRC, six months later there was still no fix.

I think it's been fixed now, though.

[–] [email protected] 26 points 6 months ago (1 children)

And now a word from our sponsor, Nor-

[–] [email protected] 15 points 6 months ago (1 children)

Skip 10 seconds. Skip 10 seconds. Skip 10 seconds.

[–] [email protected] 23 points 6 months ago (2 children)

Give up and install SponsorBlock.

[–] [email protected] 8 points 6 months ago (1 children)

But it's NordVPN.com/BigMoney. The ad is the best part of the video.

[–] [email protected] 6 points 6 months ago (1 children)

Bounced on my boy’s Raycons to this for hours

[–] [email protected] 3 points 6 months ago

I do hope you were playing an invigorating game of Raid Shadow Legends at the time.

[–] [email protected] 6 points 6 months ago

all ad copy is an ad for sponsor block

[–] [email protected] 0 points 6 months ago

Its actually real news

[–] [email protected] 26 points 6 months ago

It may be unintentional bug. People in the enterprise world need VPN for corporate purposes, they will fix it dont worry

[–] [email protected] 22 points 6 months ago (4 children)

Doesn't seem to have impacted Wireguard.

load more comments (4 replies)
[–] [email protected] 22 points 6 months ago* (last edited 6 months ago) (1 children)

thats going to be an issue - at my work roughly 60% of the userbase is connected via VPN at any given point - so, ~40,000 people or so

[–] [email protected] 0 points 6 months ago

That's a paddlin.

[–] [email protected] 8 points 6 months ago* (last edited 6 months ago)

Looks like their policy to prefer cheap labor they hire from Asia rather than paying local U.S. developers a living wage is starting to bite them in the ass.

[–] [email protected] 7 points 6 months ago

Obligatory Linux plug.

[–] [email protected] 5 points 6 months ago

You are gonna test the software for a multi-billion dollar cooperation and you are gonna like it!

[–] [email protected] 4 points 6 months ago (1 children)

Is it too late to turn off security updates and avoid this issue?

[–] [email protected] 1 points 6 months ago (1 children)

And this is exactly why I don't do auto updates (and people around here berate me for it, saying my systems are unsafe).

Hell, Windows LTSC only gets updates twice a year (which is what I run).

[–] [email protected] 1 points 6 months ago

LTSC is great.
Much less bloat and bs too.

[–] [email protected] 2 points 6 months ago

Has anyone here been running into this issue realtime since the update?