Windows KB5009543 and KB5009566 updates break L2TP VPN connections

Hello everyone,

January Patch Tuesday updates are out and Windows administrators have been seeing issues with the Windows 10 KB5009543 and Windows 11 KB5009566 cumulative updates. These updates seemingly break L2TP VPN connections.

The issue:

Users who have installed the above-mentioned updates find their L2TP VPN connections broken when attempting to connect using the Windows VPN client. When attempting to connect to a VPN device, they are shown an error stating, "Can't connect to VPN. The L2TP connection attempt failed because the security layer encountered a processing error during initial negotiations with the remote computer."

The Event Log will also log entries with error code 789, stating that the connection to the VPN failed.

Affected versions:

The bug is not affecting all VPN devices and seems only to be affecting users using the built-in Windows VPN client to make the connection.


Many Reddit reports also mention connection failures to SonicWall, Cisco Meraki, and WatchGuard Firewalls.

With many users working remotely and using VPN, this breakage has cost a lot, and Windows admins have had to remove the updates.

Affected patches:

The affected patches are listed below. You can search for the Patch IDs or Bulletin IDs in Desktop Central and decline them until Microsoft rolls out an official fix.

| Bulletin ID | Patch ID | Patch Description |
| --- | --- | --- |
| MS22-JAN3 | 32770 | 2022-01 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5009543) |
| MS22-JAN3 | 32772 | 2022-01 Cumulative Update for Windows 10 Version 21H1 for x64-based Systems (KB5009543) |
| MS22-JAN3 | 32775 | 2022-01 Cumulative Update for Windows 10 Version 21H2 for x64-based Systems (KB5009543) |
| MS22-JAN3 | 32769 | 2022-01 Cumulative Update for Windows 10 Version 20H2 for x86-based Systems (KB5009543) |
| MS22-JAN3 | 32773 | 2022-01 Cumulative Update for Windows 10 Version 21H1 for x86-based Systems (KB5009543) |
| MS22-JAN3 | 32774 | 2022-01 Cumulative Update for Windows 10 Version 21H2 for x86-based Systems (KB5009543) |
| MS22-JAN3 | 32787 | 2022-01 Cumulative Update for Windows 11 for x64-based Systems (KB5009566) |

As Microsoft bundles all security updates in a single Windows cumulative update, removing the update will remove all fixes for vulnerabilities patched during the January Patch Tuesday.

Unfortunately, there is no known fix or workaround for the L2TP VPN connection issues at this time.

Regards,

The ManageEngine Team
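
The two symptoms described in the post (one of the listed KBs installed, plus VPN failures with error code 789 in the Event Log) can be checked together on a host. The following PowerShell is an added example, not part of the original post or of Desktop Central; the RasClient event source, the Application log location and the 14-day lookback window are assumptions.

```powershell
# Added example: check one Windows host for the affected updates and for
# recent VPN failures with error code 789. Read-only; it changes nothing.

$AffectedKBs  = 'KB5009543', 'KB5009566'   # KB numbers listed in the post
$LookbackDays = 14                         # assumption: lookback window in days

# Get-HotFix -Id reports an error for every ID that is absent, so list all
# installed updates and filter instead.
$installed = @(Get-HotFix | Where-Object { $AffectedKBs -contains $_.HotFixID })

# Assumption: the built-in VPN client logs its failures under the RasClient
# source in the Application log; the post only says "the Event Log".
$filter = @{
    LogName      = 'Application'
    ProviderName = 'RasClient'
    StartTime    = (Get-Date).AddDays(-$LookbackDays)
}
$failures = @(
    Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
        Where-Object { $_.Message -match '\b789\b' }
)

# Get-WinEvent returns newest events first, so the first match is the latest.
$lastFailure = if ($failures.Count -gt 0) { $failures[0].TimeCreated } else { $null }

[pscustomobject]@{
    ComputerName    = $env:COMPUTERNAME
    AffectedUpdates = ($installed.HotFixID -join ', ')
    UpdateInstalled = $installed.Count -gt 0
    Error789Count   = $failures.Count
    LastError789    = $lastFailure
    # Both signals together match the symptom described in the post.
    LikelyAffected  = ($installed.Count -gt 0) -and ($failures.Count -gt 0)
}
```

A host that reports `UpdateInstalled` as true but no 789 errors may simply not use L2TP, which helps narrow down where declining or removing the update is worth losing the January security fixes.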