Microsoft has acknowledged a significant issue stemming from last month’s Windows security updates, which are disrupting SSH connections on select Windows 11 22H2 and 23H2 systems. This problem primarily affects enterprise, IoT, and education customers, though the company assures that only a “limited number” of devices are experiencing these complications.
In an effort to clarify the situation, Microsoft is currently investigating whether users of the Windows 11 Home or Pro editions are also impacted. According to updated support documents related to October’s Patch Tuesday updates, the company noted, “Following the installation of the October 2024 security update, some customers report that the OpenSSH (Open Secure Shell) service fails to start, preventing SSH connections.” The issue appears to occur without detailed logging, necessitating manual intervention to initiate the sshd.exe process.
Temporary Workaround for Affected Users
While a permanent fix is in the works, Microsoft has provided a temporary solution for those experiencing SSH connection issues. Affected customers can adjust access control list (ACL) permissions on specific directories by following these steps:
- Open PowerShell as an Administrator.
- Update the permissions for the “C:ProgramDatassh” and “C:ProgramDatasshlogs” folders to grant full control to the SYSTEM and Administrators group while allowing read access for Authenticated Users. If necessary, read access can be restricted to particular users or groups by modifying the permissions string.
- Utilize the following PowerShell script to update the permissions:
$directoryPath = "C:ProgramDatassh" $acl = Get-Acl -Path $directoryPath $sddlString = "O:BAD:PAI(A;OICI;FA;;;SY)(A;OICI;FA;;;BA)(A;OICI;0x1200a9;;;AU)" $securityDescriptor = New-Object System.Security.AccessControl.RawSecurityDescriptor $sddlString $acl.SetSecurityDescriptorSddlForm($securityDescriptor.GetSddlForm("All")) Set-Acl -Path $directoryPath -AclObject $acl
Microsoft is diligently working on a resolution that will be included in a forthcoming Windows update, with additional details to be shared once a solution is finalized.
In a related development, Microsoft announced that the October Patch Tuesday updates have successfully addressed fingerprint sensor freeze issues affecting Windows 11 24H2 devices when locked. Additionally, a safeguard hold that was preventing Windows 11 24H2 upgrades on impacted systems has been lifted following the resolution of these fingerprint issues. Users can expect the update to be rolled out within the next 48 hours, although a device restart may expedite the process.
Last month, Microsoft also rectified a known issue in the September preview cumulative update that was hindering some applications from launching on Windows 10 22H2 systems when initiated from non-admin accounts. Furthermore, the company addressed another issue that disrupted Remote Desktop connections in enterprise networks after the installation of the July security updates.
