Microsoft has addressed the issue of NTLM traffic spikes in Windows Server 2019 with a new fix after the initial solution failed to install on devices not set to English language. The problem arose following the April 2024 update and led to an increase in NTLM traffic on certain domain controllers, affecting organizations with a small percentage of primary domain controllers and high NTLM traffic.
The fix for the NTLM issue was released in KB5037765 on May 14, 2024. However, users encountered issues with the installation of this update, especially on devices without the English (United States) language pack, resulting in error code 0x800f0982.
To address this issue, Microsoft released an out-of-band update, KB5039705, to rectify the situation. This update specifically targets the problem related to the English (United States) language pack but may also affect devices with that language pack, resulting in error code 0x80004005.
It is important for administrators to note that after installing the out-of-band update, a reboot of the device is required. Additionally, Microsoft mentioned that users of Windows 10 1809, particularly in the Home and Pro editions, are less likely to experience issues as these versions have reached the end of service in 2020. On the other hand, Enterprise and IoT LTSC versions are approaching the end of extended support on January 9, 2029.
For organizations using the affected platforms and have not yet deployed the May 2024 security update, Microsoft recommends applying the out-of-band update instead. This latest patch does not introduce new security updates but ensures the resolution of the NTLM issue and related errors on devices with different language packs. Overall, the updates aim to enhance the stability and functionality of Windows Server 2019 and associated systems.
Article Source
https://www.theregister.com/2024/05/24/microsoft_patch_patch/