Some Windows 7 admins have recently started their days with a rude awakening. They arrived to find out that many, in some cases, thousands of PCs, were no longer enabled. Fast sleuthing determined that the problem was newer Windows updates, KB4480870, and KB4480960.
Thousands of volume licensed machines were disabled
As described by Mary Jo Foley and Günter Born, a Windows 7 administrator arrived to find out that thousands of machines had been disabled and showed a "not genuine" error message. The problem seems to have started after installing KB971
These particular machines are KMS enabled, a volume licensing option offered by Microsoft. KMS activation enables an administrator to enable many PCs conveniently by getting them to check in with a local server for a valid volume license key.
After the installation of the update, a problem occurred when a Windows 7 PC was checked in to the KMS server. The server sent a blacklisted error instead of the usual answer, and it resulted in a "non-genuine" message. As pointed out by Born, KB971033 is designed to validate standard Windows licenses and probably should never have made it to KMS PCs in the first place.
Microsoft has since recognized the problem and reversed the change. It also provided guidance on determining whether the machines have the update installed, and how to remove and re-enable.
Remote access is corrupted for some local users
Unfortunately, the problem does not stop there. At the same time, Microsoft broke the activation for legitimate PCs; It also remote accessed Windows Server 2008 R2 and Windows 7 PCs. This problem is limited to external connections from local users who are part of the local administrator group. Domain accounts and local accounts that are not local administrators are not affected.
Microsoft has recognized the problem, but only offers the solution that is using one of the above unaffected accounts.
Once again, Microsoft has released patches and updates that have broken parts of Windows. Considering how quickly an administrator found the source of the problem, it seems that Microsoft should do more testing before they are released. Unfortunately, Microsoft continues to treat its users as testers, so you probably shouldn't click the "Check for Updates" button.
Image Credit: RealVector / Shutterstock.com.