Windows 10 March 2025 Patch Tuesday Updates (KB5053606, KB5053596, KB5053594, KB5053618) Released

Post-installation of the October 2024 security update, some users are facing issues where the OpenSSH service fails to initiate, impacting SSH connections. This encounter lacks detailed error logging, necessitating manual intervention to run sshd.exe.

This issue is primarily impacting enterprise, IoT, and educational users, with Microsoft currently assessing potential effects on Home and Pro edition users.

A temporary fix can be achieved by updating the permissions (ACLs) on necessary directories. The steps are:

1. Launch PowerShell as an Administrator.
2. Update the permissions for C:\ProgramData\ssh and C:\ProgramData\ssh\logs to grant full control to SYSTEM and the Administrators group, while enabling read access for Authenticated Users. Execute the following commands:

     $directoryPath = "C:\ProgramData\ssh" $acl = Get-Acl -Path $directoryPath $sddlString = "O:BAD:PAI(A;OICI;FA;;;SY)(A;OICI;FA;;;BA)(A;OICI;0x1200a9;;;AU)" $securityDescriptor = New-Object System. Security. AccessControl. RawSecurityDescriptor $sddlString $acl. SetSecurityDescriptorSddlForm($securityDescriptor. GetSddlForm("All")) Set-Acl -Path $directoryPath -AclObject $acl 

3. Repeat the above process for C:\ProgramData\ssh\logs.

Microsoft is investigating the issue and will release a fix in a subsequent Windows update.

Devices equipped with specific Citrix components may face issues when trying to complete the installation of the January 2025 Windows security update. This concern has been reported on devices using the Citrix Session Recording Agent (SRA) version 2411, which was launched in December 2024.

Affected devices will appear to download and apply the January update correctly but may encounter a rollback error upon restart, reverting to previous updates. It is presumed that this affects a limited portion of organizations with this new version of SRA, and home users are unlikely to experience this problem.

Citrix has documented this inconvenience along with a workaround prior to the installation of the January 2025 security update. For details, refer to Citrix’s documentation.

Microsoft is collaborating with Citrix to address this concern and will keep the documentation updated as progress is made.

Users might observe an error regarding SgrmBroker.exe in the Windows Event Viewer following the installation of updates released on January 14, 2025, or later. This error is reported under Windows Logs > System as Event 7023, typically phrased as ‘The System Guard Runtime Monitor Broker service terminated with the following error: %%3489660935′.

This issue appears silently unless closely monitored in the Event Viewer, affecting no operational functionality or performance globally.

No specific action is mandated, though disabling the service can circumvent the subsequent error display in the Event Viewer. To do this, follow these steps:

1. Open Command Prompt as an Administrator.
2. Input the following command:

    sc.exe config sgrmagent start=disabled

3. After the confirmation message, execute:

    reg add HKLM\System\CurrentControlSet\Services\SgrmBroker /v Start /d 4 /t REG_DWORD

4. Close the Command Prompt.

This will prevent the error from appearing upon future startups. Be aware that some restrictions may apply based on organizational policy.

KB5053596

17763.7009

KB5053594

14393.7876

KB5053618

10240.20947