Microsoft has acknowledged a significant issue stemming from the December 2025 security updates, which are disrupting Message Queuing (MSMQ) functionality. This disruption is impacting enterprise applications and Internet Information Services (IIS) websites.
Details of the Issue
The problem is particularly prevalent among systems running Windows 10 22H2, Windows Server 2019, and Windows Server 2016 that have installed the security updates KB5071546, KB5071544, and KB5071543, released during this month’s Patch Tuesday. Users on affected systems are encountering a variety of symptoms, including:
- Inactive MSMQ queues
- IIS sites failing with “insufficient resources” errors
- Applications unable to write to queues
- Misleading error messages indicating “insufficient disk space or memory,” despite adequate resources being available
According to Microsoft, the root of the issue lies in changes made to the security model of the MSMQ service. These changes have altered permissions on a critical system folder, necessitating that MSMQ users possess write access to a directory typically reserved for administrators.
This means that devices where users are logged in with accounts that have full administrative privileges are not affected by this issue. Microsoft elaborated, stating, “This issue is caused by the recent changes introduced to the MSMQ security model and NTFS permissions on C:WindowsSystem32MSMQstorage folder. MSMQ users now require write access to this folder, which is normally restricted to administrators.”
As a result, attempts to send messages via MSMQ APIs may fail, leading to resource errors. This situation also poses challenges for clustered MSMQ environments, particularly under load.
The MSMQ service, available as an optional component on all Windows operating systems, facilitates network communication for applications and is widely utilized in enterprise settings. Microsoft is currently investigating the matter but has yet to provide a timeline for a resolution. It remains unclear whether the company will address the issue in the next scheduled release or opt for an emergency update.
For administrators grappling with this problem, rolling back the updates may be a consideration, albeit one that introduces its own security risks. This situation follows a warning issued by Microsoft in April 2023 regarding a critical vulnerability (CVE-2023-21554) in the MSMQ service, which exposed numerous systems to potential remote code execution attacks.
