Microsoft’s December 2025 Update Causes IIS Failures: Urgent Action Required
Microsoft’s recent December 2025 security update, identified as KB5071546 (OS Build 19045.6691), has introduced significant disruptions in Internet Information Services (IIS) operations, particularly affecting Message Queuing (MSMQ) functionalities. This development has led to widespread IIS site crashes, posing substantial challenges for IT administrators.
Issue Overview
The problem was first reported on December 12, 2025, with subsequent updates on December 16. The primary issue arises under load conditions, especially in clustered environments, where MSMQ queues become inactive. This inactivity prevents applications from writing messages, resulting in IIS-hosted sites displaying errors such as Insufficient resources to perform operation, despite the availability of adequate disk space and memory.
Technical Details
Specific error messages include:
– The message file ‘C:\Windows\System32\msmq\storage\.mq’ cannot be created.
– Logs indicating insufficient disk space or memory, which are misleading given the actual resource availability.
These issues stem from recent security enhancements in MSMQ’s model, which have tightened NTFS permissions on the C:\Windows\System32\MSMQ\storage folder. Previously, only administrators had write access to this directory. The update now requires explicit write permissions for MSMQ users, leading to API failures when sending messages.
Impact Assessment
The flaw predominantly affects enterprise environments, with Windows Server versions 2019, 2016, 2012 R2, and 2012 being the most impacted. Client systems such as Windows 10 versions 22H2, 21H2, 1809, and 1607 are also susceptible. Notably, consumer setups running Windows Home or Pro editions on personal devices are largely unaffected.
Microsoft’s Response
Microsoft has acknowledged the issue on its support portal, attributing it to overzealous permission changes introduced in the December 9 patch. The company states, We are investigating and will provide updates. As of now, no public patch is available. IT teams are advised to contact Microsoft Support for business to deploy a targeted workaround that restores folder access without compromising security.
Broader Implications
This incident underscores the complexities associated with monthly Patch Tuesday updates. MSMQ, a legacy yet vital Windows component for reliable queued messaging in distributed applications, underpins numerous enterprise systems, including financial transaction processors and industrial control setups. When integrated with IIS, failures can cascade, potentially leading to web service outages during peak operational periods.
Recommended Actions
Security teams should promptly assess their environments to identify deployments of KB5071546. Tools such as PowerShell’s Get-HotFix or Windows Server Update Services (WSUS) reports can assist in this identification. While rolling back the update may be an option for non-clustered systems, administrators of clustered environments should exercise caution due to potential data loss risks.
In light of the current cybersecurity landscape, characterized by increasing ransomware and supply-chain threats, such update-induced disruptions highlight the necessity for staged testing and vigilant monitoring. Microsoft has committed to resolving the issue promptly; however, proactive engagement with support channels is crucial. Enterprises delaying contact risk prolonged downtime, which can have significant operational and financial repercussions.
Conclusion
The recent disruptions caused by Microsoft’s December 2025 update serve as a reminder of the delicate balance between implementing security enhancements and maintaining system stability. IT administrators are urged to stay informed through official Microsoft communications and to take immediate action to mitigate the impact of this issue on their operations.
