SECURITY ENTHUSIAST

An AVD bug has been recently fixed by Microsoft. What the flaw did was to block various Azure Virtual Desktop devices, not letting them downloading and running the monthly updates. These are normally done via WSUS (Windows Server Update Services).

What Was Impacted?

The following platforms were impacted:

  • Version 1909 of Windows 10 Enterprise multi-session
  • Version 1909 of Windows Server multi-session

According to BleepingComputer, Microsoft addressed this problem in KB5005565, a set of updates published in the middle of September. These are related to devices with Windows 10, the 2004 version, and above.

AVD Bug: Further Details

In a document initiated in July and resolved on the 6th of October 2021, Microsoft was detailing the issue by saying:

We are investigating an issue where devices running Windows 10 Enterprise multi-session, version 1909 might not be able to download updates later than May 2021. This is observed in the Settings app under the Windows Update setting, which will display the message “You’re up to date” even if no updates later than May 2021 have been installed.

Source

What Workarounds Are Available

If KB5005565 cannot be implemented straight off, Microsoft has provided 2 workarounds on this issue. You can follow the below 2 mitigation measures described in KB5004926, to roll the monthly updates on Azure Virtual Desktop.

  • Azure Marketplace will contain updated images, aligned with the recent security updates, therefore images redeployment is a requirement for all the devices that are impacted.
  • If your computer does not allow image redeployment, you should go to Microsoft Update Catalog and download and install from there manually what security updates are not yet put in place.

In KB5004926, where the ADV bug issue is also addressed, Microsoft mentions their Patch Tuesday, meaning that every second Tuesday per month Microsoft updates are available. These can be downloaded from Microsoft Update Catalog. You can find them under Microsoft Update (.msu) files.

These downloads are Microsoft Update (.msu) files. You can now add these files to your endpoint management system and deploy to devices running Windows 10 Enterprise or Education, version 1909.

Source

 ADV bug updates

Image Source

What Is Azure Virtual Desktop?

Azure Virtual Desktop (AVD) is basically a cloud-based virtualization service for desktops and applications. It was formerly known as Windows Virtual Desktop. Some of its features include the possibility to have Windows 10 scalability via Windows 10 multi-session deployment, achieve Microsoft 365 Apps virtualization in your company and have a unified management experience for Windows 10, Windows Server, and Windows 7 desktops and apps.

Patch Tuesday September 2021 – Microsoft to Release 60 Security Updates and Patches, Including Two Zero-Day Fixes

Automating Microsoft Optional Quality Updates – Can It Be Done?

Heimdal™ Proactively Protects Its Customers Against Microsoft Exchange Server Exploit

State-of-the-Art Cybersecurity Strategies: Essential Microsoft EDR Tools

Leave a Reply

Your email address will not be published. Required fields are marked *

GO TO TOP