Hot fix KB5041571
The article released on August 13, 2024 regarding the security update for Windows 11 for hot fix KB5041571 discusses the new features and improvements to the operating system.
The security update includes changes to the lock screen, NetJoinLegacyAccountReuse, Secure Boot Advanced Targeting (SBAT) and Linux Extensible Firmware Interface (EFI), and Domain Name System (DNS).
The article also includes a servicing stack update to improve the reliability of the Windows update process. Some known issues include the inability to download or play Roblox on Arm devices. The update is available through Windows Update, Microsoft Update, Windows Update for Business, and WSUS.
Issues with Auto-Install update KB5041571
The update KB5041571 resolves security vulnerabilities in your Windows operating system. But recently, after the hot fix, users were unable to use Remote Desktop Protocol (RDP) from the Disk on Key (DOK) or directly, due to the hot fix changing the Basic Input/Output System (BIOS) configuration.
After auto-install of the Windows update KB5041571 customers around the world began to receive a policy violation message when trying to login. In order to remediate the problem, they uninstalled the hot fix and changed the BIOS configuration. This issue is related to changes to the Secure Boot option at the BIOS that should not allow to boot from DOK or from one RDP to another.
Remediation
A robust testing environment should have been in place to thoroughly evaluate updates before deploying them to production systems. In an enterprise organization testing should have included various scenarios, including different BIOS configurations, boot methods (DOK, RDP), and potential interactions with other security measures.
Maintaining a standardized, secure baseline configuration for hardened servers ensures consistency and reduces the attack surface. Regular audits and enforcement of these configurations can help prevent unauthorized changes.
