Microsoft's December 2025 Security Updates: A Double-Edged Sword for MSMQ
Microsoft's latest security updates, released as part of Patch Tuesday, have unleashed a wave of confusion and disruption for businesses relying on Message Queuing (MSMQ). The updates, KB5071546, KB5071544, and KB5071543, are causing a range of issues for Windows 10 22H2, Windows Server 2019, and Windows Server 2016 systems.
The Issue at Hand:
Users are reporting a variety of symptoms, including inactive MSMQ queues, IIS sites failing with 'insufficient resources' messages, and applications unable to write messages to queues. Some systems even display misleading error messages about disk space or memory, even when resources are ample.
The Root Cause:
Microsoft points to a modification in the MSMQ security model as the culprit. The updates have altered permissions on the system folder C:WindowsSystem32msmqstorage, granting MSMQ users write access, which is typically restricted to administrators. This change is causing API errors when attempting to send messages via MSMQ.
Impact on Enterprise Environments:
The MSMQ service, available as an optional component on Windows, is crucial for network communication between applications in corporate settings. It facilitates asynchronous messaging, vital for line-of-business applications and IIS-based web applications. However, the current situation highlights the delicate balance between security and functionality.
Troubleshooting and Next Steps:
Microsoft is actively investigating the issue but hasn't set a timeline for a solution. The company hasn't decided whether to release an emergency update or wait for the next Patch Tuesday. Administrators facing these problems might consider rolling back the updates, but this action carries its own security risks. A previous critical vulnerability in MSMQ (CVE-2023-21554) exposed hundreds of systems to remote code execution attacks, underscoring the ongoing challenge of balancing security and functionality.
