Sign in with Microsoft
Sign in or create an account.
Hello,
Select a different account.
You have multiple accounts
Choose the account you want to sign in with.

The March 2017 Preview of Monthly Quality Rollup includes some new improvements and fixes for the Windows 8.1 and Windows Server 2012 R2 platforms. We recommend that you apply this quality rollup as part of your regular maintenance routines. Before you install this update, see the Prerequisites and the Restart requirement sections.

Improvements and fixes

To learn more about the nonsecurity improvements and fixes in this update, see the "March 21, 2017 – KB4012219" section in Windows 8.1 and Windows Server 2012 R2 update history.

Known issue in this update

Symptoms

Workaround

If you’re freshly installing or re-installing the Remote Desktop Web Access (RD Web Access) role service, the auto-generated self-signed certificate is still using Secure Hash Algorithm 1 (SHA-1).

There are two options:

  • Configure a trusted certificate for RDWeb (recommended).

  • Re-create the self-signed certificate for RDWeb by using Remote Desktop Management Server (RDMS) UI.

This update introduced an issue in which, if an iSCSI target becomes unavailable, attempts to reconnect will cause a leak. Initiating a new connection to an available target will work as expected.

Microsoft is working on a resolution and will provide an update in an upcoming release.
For more information about this issue, see the following section.

This update contains a crippling iSCSI connection leak in msiscsi.sys driver that results in computer hangs.

Microsoft is working on a resolution and will provide an update in an upcoming release.

Windows Server 2012 R2 and Server 2016 computers that experience disconnections to iSCSI attached targets may show many different symptoms. These include, but are not limited to:

  • The operating system stops responding

  • You receive Stop errors (Bugcheck errors) 0x80, 0x111, 0x1C8, 0xE2, 0x161, 0x00, 0xF4, 0xEF, 0xEA, 0x101, 0x133, or 0xDEADDEAD.

  • User log on failures occur together with a "No Logon Servers Available" error.

  • Application and service failures occur because of ephemeral port exhaustion.

  • An unusually high number of ephemeral ports are being used by the System process.

  • An unusually high number of threads are being used by the System process.

Cause

This issue is caused by a locking issue on Windows Server 2012 R2 and Windows Server 2016 RS1 computers, causing connectivity issues to the iSCSI targets. The issue can occur after installing any of the following updates:

Windows Server 2012 R2

Release date

KB

Article title

May 16, 2017

KB 4015553

April 18, 2017—KB4015553 (Preview of Monthly Rollup)

May 9, 2017

KB 4019215

May 9, 2017—KB4019215 (Monthly Rollup)

May 9, 2017

KB 4019213

May 9, 2017—KB4019213 (Security-only update)

April 18, 2017

KB 4015553

April 18, 2017—KB4015553 (Preview of Monthly Rollup)

April 11, 2017

KB 4015550

April 11, 2017—KB4015550 (Monthly Rollup)

April 11, 2017

KB 4015547

April 11, 2017—KB4015547 (Security-only update)

March 21, 2017

KB 4012219

March 2017 Preview of Monthly Quality Rollup for Windows 8.1 and Windows Server 2012 R2

Windows Server 2016 RTM (RS1) 

Release date

KB

Article title

May 16, 2017

KB 4023680

May 26, 2017—KB4023680 (OS Build 14393.1230)

May 9, 2017

KB 4019472

May 9, 2017—KB4019472 (OS Build 14393.1198)

April 11, 2017

KB 4015217

April 11, 2017—KB4015217 (OS Build 14393.1066 and 14393.1083)


Verification

  • Verify the version of the following MSISCSI driver on the system:

    c:\windows\system32\drivers\msiscsi.sys

    The version that will expose this behavior is 6.3.9600.18624 for Windows Server 2012 R2 and version 10.0.14393.1066 for Windows Server 2016.

  • The following events are logged in the System log:

    Event source

    ID

    Text

    iScsiPrt

    34

    A connection to the target was lost, but the Initiator successfully reconnected to the target. Dump data contains the target name.

    iScsiPrt

    39

    The Initiator sent a task management command to reset the target. The target name is given in the dump data.

    iScsiPrt

    9

    Target did not respond in time for a SCSI request. The CDB is given in the dump data.

  • Review the number of threads that are running under the System process, and compare this to a known working baseline.

  • Review the number of handles that are currently opened by the System process, and compare this to a known working baseline.

  • Review the number of ephemeral ports that are being used by the System process.

  • From an administrative Powershell, run the following command:

    Get-NetTCPConnection | Group-Object -Property State, OwningProcess | Sort Count

    Or, from an administrative CMD prompt, run the following NETSTAT command together with the "Q" switch. This shows "bound" ports that are no longer connected:

    NETSTAT –ANOQ

    Focus on ports that are owned by the SYSTEM process.

    For the three previous points, anything more than 12,000 should be considered suspect. If iSCSI targets are present in the computer, there is high probability that the issue will occur.

Resolution

If the event logs indicate that many reconnections are occurring, work with your iSCSI and network fabric vendor to help diagnose and correct the reason for the failure to maintain connections to iSCSI targets. Make sure that iSCSI targets can be accessed over the current network fabric. Install updated fixes when they become available. This article will be updated with the specific KB article number of the fix to install when it becomes available.

Note We do not recommend that you uninstall any of the March, April, May, or June security rollups. Doing so will expose the computers to known security exploits and other bugs that are mitigated by monthly updates. We recommend that you first work with iSCSI target and network vendors to resolve the connectivity issues that are triggering target reconnects.

How to get this update

Important If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.

Method 1: Windows Update This update is provided as an Optional update on Windows Update. For more information about how to run Windows Update, see How to get an update through Windows Update.

Method 2: Microsoft Update Catalog To get the stand-alone package for this update, go to the Microsoft Update Catalog website.

Note You must be running Microsoft Internet Explorer 6 or later versions.

Update detail information

Prerequisites To apply this update, you must have April 2014 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 (2919355) installed on Windows 8.1 or Windows Server 2012 R2.

Restart requirement You must restart the computer after you apply this update.

Registry information To apply this update, you don't have to make any changes to the registry.

Update replacement information This update doesn't replace any previously released update.

File Information

File name

SHA1 hash

SHA256 hash

Windows8.1-KB4012219-x64.msu

65A44C2F045B53479BDE37D475BAF94768C814C5

6CF1D8EA7F7E6B853A13B338DAD01CAC641C52D97E212768DA833A71ED463F2A

Windows8.1-KB4012219-arm.msu

E7D72E250EA22BD5B4F4A9304EB9B1BC4A887593

E61965AFD8189C395324461006CDFBC0AE405BFC42C1E604B4889938830FE38C

Windows8.1-KB4012219-x86.msu

A7C2A0F83F62F7633983EC40470A74C8642DF7D4

2A4F22AFCCC3FF1BB47C294514965CB43A034592621D0AF31E11A338077E169F

File information

For a list of the files that are provided in this update, download the file information for update rollup 4012219.

References

For more information about Windows Update, go to the following Microsoft websites:

Troubleshoot problems with installing updates

Windows Update: Frequently Asked Questions

Learn about the terminology that Microsoft uses to describe software updates.

Need more help?

Want more options?

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.

Was this information helpful?

What affected your experience?
By pressing submit, your feedback will be used to improve Microsoft products and services. Your IT admin will be able to collect this data. Privacy Statement.

Thank you for your feedback!

×