News: 1736961314

  ARM Give a man a fire and he's warm for a day, but set fire to him and he's warm for the rest of his life (Terry Pratchett, Jingo)

Windows Patch Tuesday hits snag with Citrix software, workarounds published

(2025/01/15)


Devices that have Citrix's Session Recording software installed are having problems completing this month's Microsoft Patch Tuesday update, which includes important fixes.

Microsoft noted the problem in the list of [1]known issues with the [2]update , which arrived on January 14. According to the Windows vendor, affected devices will download and apply the update, but, after restarting to complete the installation, will show an error along the lines of "Something didn't go as planned. No need to worry – undoing changes" and the devices then roll back.

There are some rather important fixes in the security update, not least to plug under-attack privilege escalation holes in Hyper-V, so for the update to revert due to a problem with Citrix's Session Recording Agent (SRA) is less than ideal.

[3]

The issue occurs with 2411 SRA, which Microsoft noted was a new version. The tech giant estimated that a limited number of organizations would be affected.

Totally Problematic Message

The Citrix issue is more likely to be a problem for managed enterprise devices, but Microsoft also warned of another issue affecting [4]home users who use BitLocker. The vendor said the message, "For your security, some settings are managed by your administrator," might pop up unexpectedly on unmanaged devices, adding it could also crop up on hardware using the Trusted Platform Module (TPM).

The problem appears to be simply the message itself, which might generate occasional consumer support calls but is otherwise just an annoyance. It arrives after BitLocker is enabled and can appear in the BitLocker control pane or "some other places in Windows," according to Microsoft.

The Windows behemoth said: "We are working on a resolution and will provide more information when it is available."

Citrix, which said it was investigating the issue, [5]published a workaround on its support site. In a nutshell, it requires the user or admin to disable the Session Recording Monitor Service before installing the update. The service can then be restarted. The same procedure applies if a user needs to uninstall Microsoft's January 2025 security update.

[6]Microsoft fixes under-attack privilege-escalation holes in Hyper-V

[7]New Outlook marches onto Windows 10 for what little time it has left

[8]Microsoft preps for a year of enterprise-impacting M365 retirements

[9]Security pros baited with fake Windows LDAP exploit traps

Home users are unlikely to be affected by the issue, but enterprises running Citrix components could be. Session Recording records, catalogs, and archives sessions for retrieval and playback. It's either a handy tool for support or a way of monitoring user activity, raising potential privacy concerns, although Citrix [10]noted : "Session Recording isn't designed for the evidence collection for legal proceedings."

The 2411 version was also not designed for Microsoft's updates, by the looks of things.

[11]

Microsoft is looking into the problem too, and while the workaround will be a headache for affected users, it is at least relatively straightforward. ®

Get our [12]Tech Resources



[1] https://support.microsoft.com/en-gb/topic/january-14-2025-kb5050009-os-build-26100-2894-bdbfb097-ea20-487d-9171-718d15e26f1b

[2] https://www.theregister.com/2025/01/15/patch_tuesday_january_2025/

[3] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/patches&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2Z4g-FCqfLBQIO550D__U5AAAAQQ&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0

[4] https://support.microsoft.com/en-gb/topic/after-enabling-bitlocker-for-your-security-some-settings-are-managed-by-your-administrator-is-unexpectedly-displayed-5ad9ee7d-cb2c-4bc3-8aed-e7e0ecd11a83

[5] https://support.citrix.com/s/article/CTX692505-microsofts-january-security-update-failsreverts-on-a-machine-with-2411-session-recording-agent?language=en_US

[6] https://www.theregister.com/2025/01/15/patch_tuesday_january_2025/

[7] https://www.theregister.com/2025/01/10/new_outlook_windows_10/

[8] https://www.theregister.com/2025/01/09/microsoft_enterprise_impacting_retirements/

[9] https://www.theregister.com/2025/01/09/security_pros_baited_by_fake/

[10] https://docs.citrix.com/en-us/session-recording/current-release

[11] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/patches&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44Z4g-FCqfLBQIO550D__U5AAAAQQ&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0

[12] https://whitepapers.theregister.com/



MicrosoftSpeak

cyberdemon

"Something didn't go as planned. No need to worry – undoing changes"

Arrrrgh!

Whenever I am (fortunately rarely) forced to use a Microsoft product, it is this language that makes me want to throw the computer out of the window

Re: MicrosoftSpeak

Jou (Mxyzptlk)

At least it recovers. Go back to pre-Vista, and you are lost. Vista was the first version which could manage such rollbacks, albeit not as reliable as it does since Windows 8.

I was about to hit on M$, but no...

Jou (Mxyzptlk)

I am currently installing updates. Then I see this article. "Oh great, M$ again". Then read... Wait, NOT M$.

Micros~4 deserves a lot of bashing for its current lack of quality, but over the last several decades I have met a lot of software which fucks up the system. Drivers, copy protection for games, anti-cheat tools, virtual CD tools (which are sort of drivers, and add a upper-lower filter on devices) and so on. And I am not even mentioning "Windows optimization tools" here. Edit: I forgot to add legit DVD and Blu-Ray software players here which prioritize "No Copy Allowed" over being actually working without fucking up the system after the next regular update.

Looks like an ugly Shitrix hack being the fault.

On the other hand: I hope this will be the only problem with this update. I hope it MIGHT solve my [1]Nested-Virtualization-dedup-data-corruption pet bug as a side effect. Will have to re-test in the next few days.

[1] https://techcommunity.microsoft.com/discussions/windowsserverinsiders/nested-v-dedup-corruption-26100-1742-and-insider-26296-5001-and-server-2022-is-s/4263322

Anonymous Coward

More and more these days the word "Microsoft" looks like an advert for Unix.

We are what we pretend to be.
-- Kurt Vonnegut, Jr.