Microsoft has released emergency security updates to address issues with Windows Message Queuing (MSMQ), which arose following the regular December 2023 security updates. These updates impacted several Windows versions, including Windows 10 and multiple Server editions.
Affected Windows Versions
The affected versions include Windows 10 (versions 22H2, 21H2, 1809, 1607) and Windows Server 2012/2012 R2 and up to 2019. Following the December updates, changes to the MSMQ security model and modified NTFS access rights resulted in applications or services without administrative privileges losing key write permissions, causing resource errors and message failures.
Emergency Update Details
Microsoft has issued cumulative updates to address these issues: KB5074976 for Windows 10 (builds 19044.6693 and 19045.6693), KB5074975 for Windows Server 2019, and KB5074974 for Windows Server 2016. Initially, these updates were available only via the Microsoft Update Catalog and not through automatic updates.
Administrative Steps Needed
System administrators utilizing MSMQ in production environments need to manually verify the installation of the December security patches. If affected, they should promptly apply the necessary emergency updates to restore MSMQ functionality and prevent further application outages.
