sbradley
Contributing Writer

After a Windows update, what should you expect?

Opinion
Jun 06, 2022 | 5 mins
Microsoft, Security, Small and Medium Business

For many Windows users, updates from Microsoft can mean a lot of things. But just what’s 'normal' and what should you really expect post-update?

Let’s get this straight: It’s not normal for a Windows update to remove software. It’s designed to install the update, not change software already in place on your system. 

At least, updates are not supposed to remove software. Since March, however, if you run the RDgateway broker service on Server 2022 (and only that version), the monthly cumulative updates have removed that service. This behavior is not normal; this is a bug.

As Microsoft notes in the Microsoft 365 Admin dashboard: “We have received reports that after installing KB5005575 or later updates on Windows Server 2022 Standard Edition, Remote Desktop Services Connection Broker role and supporting services might be removed unexpectedly. We have expedited investigation and are working on a resolution. Note: Windows Server 2022 Datacenter edition and other versions of Windows Server are not affected by this issue.”

Microsoft is researching the issue and will ultimately fix the bug.

The key thing to remember is that this behavior is not normal.

Patches shouldn’t remove a user, either

If there is a third-party security product or application that keeps certain files locked during boot, the system will reboot after an update using a temporary profile. This can cause confusion. Rather than boot to a blue screen of death, the system will just boot to the point where you think Microsoft has removed applications. The telltale sign: when the system boots to a blank user profile that no longer has your customizations.

Normally, a second reboot should restore the normal user profile. If it doesn’t, there are steps to get back to the original profile. In the Askwoody forums, user BTBS laid out the steps:

  1. In Command Prompt, type “wmic useraccount get name,sid” and press Enter.
  2. Look for your user name and note its SID – usually a number in the 1000’s for normal users.
  3. Open registry editor “regedit.”
  4. Navigate to “computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Profilelist”
  5. Look for your SID. If there [are] two entries (e.g. xxxx-1001 and xxxx-1001.bak) then your issue is the same as I experienced. The “.bak” entry is your original ‘good’ account. The non-.bak entry is the temporary account.

You can fix this by:

  1. Delete the entry without the “.bak” (or rename it as “.bak2” or something else).
  2. Remove the “.bak” from the remaining entry.
  3. Log off/on and it should be fixed. If it is fixed and you renamed the [without .bak] entry at step 1 instead of deleting it, you should delete it now.
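
A read-only way to run the check in steps 1 through 5 in one pass, as an added PowerShell example (not from the article or the Askwoody post): it lists every SID under ProfileList that has both a plain and a “.bak” entry, and changes nothing. The variable names and the S-1-5-21 filter (local and domain user accounts) are choices made for this example.

```powershell
# Added example: reports the duplicate-SID condition from step 5. Read-only.
$profileList = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList'

$entries = Get-ChildItem -Path $profileList |
    # Assumption: only local/domain user SIDs (S-1-5-21-...) are of interest.
    Where-Object { $_.PSChildName -match '^S-1-5-21-' } |
    ForEach-Object {
        # Strip the ".bak" suffix so both entries for one account share a SID.
        $sidText = $_.PSChildName -replace '\.bak$', ''
        try {
            # Same mapping that "wmic useraccount get name,sid" shows in step 1.
            $sid = New-Object System.Security.Principal.SecurityIdentifier($sidText)
            $account = $sid.Translate([System.Security.Principal.NTAccount]).Value
        } catch {
            # Deleted accounts leave SIDs that no longer resolve to a name.
            $account = '(unresolved)'
        }
        [pscustomobject]@{
            KeyName     = $_.PSChildName
            Sid         = $sidText
            Account     = $account
            ProfilePath = $_.GetValue('ProfileImagePath')
            IsBackup    = $_.PSChildName -like '*.bak'
        }
    }

# A SID present both with and without ".bak" is the temporary-profile case.
$duplicates = $entries | Group-Object -Property Sid | Where-Object { $_.Count -gt 1 }

if (-not $duplicates) {
    Write-Output 'No SID has both a plain and a .bak ProfileList entry.'
} else {
    foreach ($group in $duplicates) {
        # The plain key sorts first (temporary profile), then the .bak original.
        $group.Group | Sort-Object IsBackup |
            Format-Table KeyName, Account, ProfilePath, IsBackup -AutoSize
    }
}
```

Comparing the two ProfilePath values confirms which entry points at the original profile folder before any key is renamed or deleted; exporting the ProfileList key from regedit first gives you a way back.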

Windows 10 and 11 versions now ready for ‘broad deployment’

All of these patching issues matter because Microsoft is now making Windows 10 21H2 widely available to users. You’ll want to make sure that you click on Start>Settings>System>About, and scroll down to ensure you are on 21H2. If you are not, use the InControl tool to review whether you have set a registry key that blocks the move to 21H2. (As of May 10, support for Windows 10 version 20H2 ended, which is why it is important to move now.)

Broad deployment means Microsoft considers a version of Windows to be finalized with no major hardware issues to block the installation.

And as of May 17, Windows 11 was also considered ready for broad deployment. (While Microsoft has indicated that Windows 11 is “complete,” I still consider it to be a work in progress.)

Feature releases need time to install

When you install a feature release or an update to Windows 11, give yourself a bit of time for the machine to receive the update. If your hardware is offline more than it is online, you will often find it’s not receiving updates. So keep it online for a bit of time to ensure it checks with Microsoft to run any updates. Then after the feature release is installed, give your hardware time to reindex files and process the upgrade. (And review your key applications after you install updates to ensure they are all working.)

Reminder: updates will go smoother if you have an SSD as your booting hard drive. This will ensure that you have a good running experience using Windows 10.

Most patches are actually well behaved

When patches cause issues, they garner headlines in the tech industry. Most of the time, though, patches don’t cause side effects. Most Microsoft users won’t see any of the known issues documented in the Health release dashboard. But there are times when patches do cause issues.

If, after installing an update, you have an unexpected side effect, uninstall the update. If the issue goes away, the update is the issue. If it does not go away, then the patch probably isn’t the root cause of what’s going wrong. At the same time, if someone reports an issue, the symptom may not occur on your workstation.  

The bottom line is that patches shouldn’t be avoided forever. In fact, skipping updates in the past has triggered issues, which is why Microsoft made updates cumulative. It found that users too often skipped an update, and that led to later problems.


Susan Bradley has been patching since before the Code Red/Nimda days and remembers exactly where she was when SQL slammer hit (trying to buy something on eBay and wondering why the Internet was so slow). She writes the Patch Watch column for Askwoody.com, is a moderator on the PatchManagement.org listserve, and writes a column of Windows security tips for CSOonline.com. In real life, she’s the IT wrangler at her firm, Tamiyasu, Smith, Horn and Braun, where she manages a fleet of Windows servers, Microsoft 365 deployments, Azure instances, desktops, a few Macs, several iPads, a few Surface devices, several iPhones and tries to keep patches up to date on all of them. In addition, she provides forensic computer investigations for the litigation consulting arm of the firm. She blogs at https://www.askwoody.com/tag/patch-lady-posts/ and is on Twitter at @sbsdiva. She lurks on Twitter and Facebook, so if you are on Facebook with her, she really did read what you posted. She has a SANS/GSEC certification in security and prefers Heavy Duty Reynolds wrap for her tinfoil hat.