Next update will correct major LAPS legacy issues on Windows 11
Patch Tuesday came with some pretty nasty legacy issues
3 min. read
Updated on
Read our disclosure page to find out how can you help Windows Report sustain the editorial team. Read more
Key notes
- Microsoft announced that the recent Patch Tuesday rollout brought problems.
- Both Windows 10 and Windows 11 systems now have some LAPS legacy issues.
- This mistake will be corrected with the next security/cumulative update release.
In case you didn’t know, a few days back, the Redmond tech giant announced the availability of Windows LAPS (Local Administrator Password Solution) via the month’s Patch Tuesday.
The feature is available on Windows 10, Windows 11, and also various versions of the Windows Server operating systems.
However, since its release, Microsoft has confirmed interoperability issues with legacy LAPS, so you better keep that in mind if you haven’t yet installed the update bundle.
Speaking of system-breaking bugs, note that the Windows 11 LSA bug was fixed with kernel-mode hardware stack protection.
And, if you were thinking of gaming a bit, the tech giant and Rockstar Games have fixed the Red Dead Redemption 2 bug on Windows 11.
Patch Tuesday brings LAPS legacy issues to Windows 10&11
In other words, when legacy LAPS (MSI package) is installed on machines with the latest Patch Tuesday updates installed, both legacy, as well as the new Windows LAPs break.
Usually, an event log ID 10031 or 10032 is produced with the message LAPS blocked an external request that tried to modify the password of the current managed account.
At first, Redmond developers and security experts were quick to release a quick workaround for this annoying bug.
Thus, if you installed the legacy LAPS GPO CSE on a machine patched with the April 11, 2023 security update and an applied legacy LAPS policy, both Windows LAPS and legacy LAPS would break.
Symptoms included Windows LAPS event log IDs 10031 and 10032, as well as legacy LAPS event ID 6, and everyone was waiting on a fix for this issue.
The only temporary solution was to either uninstall legacy LAPS, or delete all registry values under the HKLM\Software\Microsoft\Windows\CurrentVersion\LAPS\State registry key.
Microsoft also specified that, if you apply a legacy LAPS policy to a device patched with the April 11, 2023 update, Windows LAPS will immediately enforce\honor the legacy LAPS policy.
The company also explained that this may be disruptive, for example if done during OS deployment workflow.
Users were also informed that disabling legacy LAPS emulation mode may also be used to prevent those issues.
Now, however, a senior Microsoft exec has announced that the the issue will be corrected in the next release for each of the affected operating systems.
All that’s left now is to actually wait for Microsoft to finish work on this fix patch andrelease it via the next cumulative update batch.
Until then, make sure you steer clear of this area, just to avoid any unpleasant situations. Comment below if you had to deal with this annoying issue.
User forum
0 messages