Following the set up of the October 2024 safety replace, some prospects report that the OpenSSH (Open Safe Shell) service fails to start out, stopping SSH connections. The service fails with no detailed logging, and guide intervention is required to run the sshd.exe course of.

This subject is affecting each enterprise, IOT, and schooling prospects, with a restricted variety of units impacted. Microsoft is investigating whether or not client prospects utilizing Residence or Professional editions of Home windows are affected.

Prospects can briefly resolve the problem by updating permissions (ACLs) on the affected directories. Comply with these steps:

1. Open PowerShell as an Administrator.

2. Replace the permissions for C:ProgramDatassh and C:ProgramDatasshlogs to permit full management for SYSTEM and the Directors group, whereas permitting learn entry for Authenticated Customers. You may prohibit learn entry to particular customers or teams by modifying the permissions string if wanted.

   Use the next instructions to replace the permissions:

   $directoryPath = “C:ProgramDatassh” $acl = Get-Acl -Path $directoryPath $sddlString = “O:BAD:PAI(A;OICI;FA;;;SY)(A;OICI;FA;;;BA)(A;OICI;0x1200a9;;;AU)” $securityDescriptor = New-Object System.Safety.AccessControl.RawSecurityDescriptor $sddlString $acl.SetSecurityDescriptorSddlForm($securityDescriptor.GetSddlForm(“All”)) Set-Acl -Path $directoryPath -AclObject $acl

3. Repeat the above steps for C:ProgramDatasshlogs.

Microsoft is actively investigating the problem and can present a decision in an upcoming Home windows replace. Additional communications will likely be supplied when a decision or extra workarounds can be found.

Gadgets which have sure Citrix elements put in could be unable to finish set up of the January 2025 Home windows safety replace. This subject was noticed on units with Citrix Session Recording Agent (SRA) model 2411. The 2411 model of this utility was launched in December 2024.

Affected units would possibly initially obtain and apply the January 2025 Home windows safety replace appropriately, resembling through the Home windows Replace web page in Settings. Nonetheless, when restarting the gadget to finish the replace set up, an error message with textual content much like “One thing didn’t go as deliberate. No want to fret – undoing modifications” seems. The gadget will then revert to the Home windows updates beforehand current on the gadget.

This subject doubtless impacts a restricted variety of organizations as model 2411 of the SRA utility is a brand new model. Residence customers usually are not anticipated to be affected by this subject.

Citrix has documented this subject, together with a workaround, which will be carried out previous to putting in the January 2025 Home windows safety replace. For particulars, see Citrix’s documentation.

Microsoft is working with Citrix to deal with this subject and can replace this documentation as soon as a decision is on the market.

The Home windows Occasion Viewer would possibly show an error associated to SgrmBroker.exe, on units which have put in Home windows updates launched January 14, 2025 or later. This error will be discovered underneath Home windows Logs > System as Occasion 7023, with textual content much like ‘The System Guard Runtime Monitor Dealer service terminated with the next error: %%3489660935’.

This error is just observable if the Home windows Occasion Viewer is monitored carefully. It’s in any other case silent and doesn’t seem as a dialog field or notification.

SgrmBroker.exe refers back to the System Guard Runtime Monitor Dealer Service. This service was initially created for Microsoft Defender, nevertheless it has not been part of its operation for a really very long time. Though Home windows updates launched January 14, 2025 battle with the initialization of this service, no influence to efficiency or performance needs to be noticed. There is no such thing as a change to the safety degree of a tool ensuing from this subject. This service has already been disabled in different supported variations of Home windows, and SgrmBroker.exe presently serves no goal.

Notice: There is no such thing as a have to manually begin this service or configure it in any manner (doing so would possibly set off errors unnecessarily). Future Home windows updates will regulate the elements utilized by this service and SgrmBroker.exe. For that reason, please don’t try to manually uninstall or take away this service or its elements.

No particular motion is required, nevertheless, the service will be safely disabled to be able to forestall the error from showing in Occasion Viewer. To take action, you’ll be able to observe these steps:

1. Open a Command Immediate window. This may be achieved by opening the Begin menu and typing ‘cmd’. The outcomes will embody “Command Immediate” as a System utility. Choose the arrow to the appropriate of “Command Immediate” and choose “Run as administrator”.
2. As soon as the window is open, fastidiously enter the next textual content: sc.exe config sgrmagent begin=disabled
3. A message could seem afterwards. Subsequent, enter the next textual content: reg add HKLMSystemCurrentControlSetServicesSgrmBroker /v Begin /d 4 /t REG_DWORD
4. Shut the Command Immediate window.

This can forestall the associated error from showing within the Occasion Viewer on subsequent gadget begin up. Notice that a few of these steps could be restricted by group coverage set by your group.

We’re engaged on a decision and can present an replace in an upcoming launch.