Microsoft has acknowledged that the Windows security updates for April 2024 (KB5036893 for Windows 11, KB5036892 for Windows 10) are causing disruptions to virtual private network (VPN) connections across various client and server platforms. According to information on the Windows health dashboard, devices running Windows may experience VPN connection failures following the installation of either the April 2024 security update or the April 2024 non-security preview update.
The company has also stated that it is actively investigating user reports regarding these issues and will share more details in the coming days. The impacted Windows versions include Windows 11, Windows 10, and Windows Server 2008 onward.
The affected Windows versions and their corresponding problematic security updates are as follows:
For client devices:
- Windows 11 (versions 22H2/23H2) with KB5036893
- Windows 11 (version 21H2) with KB5036894
- Windows 10 with KB5036892
For server platforms:
- -Windows Server 2022 with KB5036909
- Windows Server 2019 with KB5036896
- Windows Server 2016 with KB5036899
- Windows Server 2012 R2 with KB5036960
- Windows Server 2012 with KB5036969
- Windows Server 2008 R2 with KB5036967
- Windows Server 2008 with KB5036932
While Microsoft has yet to pinpoint the root cause of these VPN failures, it has advised home users to seek support through the Windows Get Help app for personal or family accounts. Small businesses and large enterprises needing assistance are directed to use the dedicated “Support for Business” portal.
Currently, there is no known workaround for the VPN issue on affected systems, but users can uninstall the security updates temporarily to mitigate the problem. Microsoft provides instructions on removing the update using the DISM/Remove Package command line option, although doing so removes all security fixes bundled in the cumulative update, not just the VPN-related ones.
Another issue identified in KB5036893, as reported by The Register, pertains to an issue encountered when attempting to change an account profile picture that often leads to error code 0x80070520. Microsoft acknowledged the issue and indicated efforts to resolve it. However, despite the release of KB5036980 on April 23, the problem continues to persist.
In a similar case last year, Microsoft investigated speed issues with L2TP/IPsec VPNs over Wi-Fi connections following April 2023 non-security updates. In January 2022, emergency out-of-band updates were released to address L2TP VPN issues after teh installation of the January 2022 Patch Tuesday updates.