Microsoft fixes bug preventing Azure Virtual Desktop security updates
The bug has been a problem since July
Microsoft this week resolved a bug that prevented Azure Virtual Desktop (AVD) devices from downloading and installing monthly security updates via Windows Server Update Services (WSUS). This issue had been ongoing since July.
According to an advisory, Microsoft was investigating a problem where devices running Windows 10 Enterprise multi-session, version 1909 might not download updates after May 2021.
"This is observed in the Settings app under the Windows Update setting, which will display the message 'You're up to date' even if no updates later than May 2021 have been installed," the advisory said.
Both the client (Windows 10 Enterprise multi-session, version 1909) and server (Windows Server multi-session, version 1909) versions of the software were affected.
Microsoft said it addressed the issue in the KB5005565 cumulative update in September for systems running Windows 10, version 2004, and later. There was no explanation as to why it took so long to implement the fix.
The advisory laid out two workarounds to fix the issue and enable users to deploy monthly security updates on Azure Virtual Desktop systems using WSUS if they were unable to the KB5005565 update.
The first workaround asks users to deploy the latest images from the Azure Marketplace, which will be up to date with all security updates. “We recommend that you deploy the latest image to your existing devices which run Windows 10 Enterprise Multi-Session, version 1909 (Azure Virtual Desktops (AVD)),” the advisory stated.
The second workaround, where image redeployment is not an option, requires users to manually download and install missing security updates from the Microsoft Update Catalog.
“Microsoft publishes monthly security updates on the second Tuesday of each month. You can download these updates from the Microsoft Update Catalog as Microsoft Update (.msu) files and deploy them using your management solution,” said Microsoft.
When these files are downloaded, organizations can add them to their endpoint management system and deploy them to devices running Windows 10 Enterprise or Education, version 1909.
The news comes as Microsoft finally makes Windows 11 available on Azure Virtual Desktop. Microsoft said that while the new operating system is out now, Trusted Launch is at preview. This is used to enable TPM 2.0 and secure boot as part of the VM configuration to take full advantage of the security capabilities in Windows 11.
2021 Thales access management index: Global edition
The challenges of trusted access in a cloud-first worldFree download
Transforming higher education for the digital era
The future is yoursFree download
Building a cloud-native, hybrid-multi cloud infrastructure
Get ready for hybrid-multi cloud databases, AI, and machine learning workloadsFree download
The next biggest shopping destination is the cloud
Know why retail businesses must move to the cloudFree Download