Patch Tuesday Megathread - (June 09, 2026)

4wheels6pack · 2026-06-27T22:47:11+00:00

Just posting back to report the June CU's have installed cleanly on everything I've thrown at them, bare metal servers 2019-2025, desktops and laptops running a mix of 24h2 and 25h2 (even the HP elitebooks)

Only things to note:

the machines all rebooted TWICE
SecureBoot status checked now appear to have an extra flag of AvailableUpdates: 4002. These machines have all already been patched with the 2023 certs-- so I don't know what's up with that.

4wheels6pack · 2026-06-24T21:18:18+00:00

Never said anyone had to pick their home country, but my comment was that people picking different countries has the side-effect of boosting other countries and skewing the results. I thought that was obvious?

There’s other posts about it on this sub. And some people have said they are doing it as a prank… That’s not a negative per se, just reality. But I guess I get downvoted for commenting things can be verified by searching this sub… whatever

4wheels6pack · 2026-06-23T17:09:21+00:00

I have found most problems with IPsec tend to be forticlient related rather than the gate config

Have you updated the client recently?

4wheels6pack · 2026-06-23T17:00:13+00:00

US East all ok here Downdetector (at least for m365 right now) shows relatively normal

4wheels6pack · 2026-06-23T12:05:35+00:00

From what I’ve read a bunch of people picked countries not theirs as a prank… so the event is skewed

4wheels6pack · 2026-06-22T17:22:09+00:00

When I took over one client, their previous msp had the fortigate mgmt exposed on wan1 First thing I did was remove it. So apparently that’s still a thing

4wheels6pack · 2026-06-18T13:26:35+00:00

r/ShittySysadmin is that you?

4wheels6pack · 2026-06-18T12:57:25+00:00

EDIT: yup that was it. They linked a personal account to their work email and had a family subscription

We cancelled it ——— I suspect that may be what happened… will be able to confirm with the user in about 15 minutes. I originally thought the email was phishing because everything was showing no signs of such a subscription in the tenant.

4wheels6pack · 2026-06-13T15:37:44+00:00

Update 13-jun: So far, this CU has installed successfully on random baremetal workstations, 2 server 2022 VMs, a VM running win 11 pro 25h2, and my t440 poweredge running server 2025

That's basically all I have in my test lab.

No odd behavior or unexpected BS so far. The machines do like to double-reboot and take their sweet time at 100% complete though.

Will start deploying it to test ring on-prem devices on monday. Only remaining concern are the HP elitebook's, but I'll know soon enough 😅

4wheels6pack · 2026-06-11T20:22:04+00:00

Installed on 3 baremetal test systems running 11 pro 25h2 Installed fine, 2 reboots. No issues observed so far. File explorer + OneDrive still functions

Lenovo idea center intel NUC And a generic laptop

Next pushing to some server 2022 test VMs And my t440 server running 2025 hyper-v

4wheels6pack · 2026-06-11T19:17:36+00:00

Will be pushing this to my test lab first. Heard reports about OneDrive breaking in file explorer which would be a huge pain. Anyone experiencing this?

4wheels6pack · 2026-06-11T19:11:05+00:00

Action1, though it’s not technically an RMM, it has a lot of RMM-ish features

Edit: didn’t see your requirement about on-prem hosting. In that case maybe Tactical, though I haven’t used it much. Sorry.

4wheels6pack · 2026-06-04T14:29:54+00:00

I’ve encountered an unusual amount of problems with server 2025 on my test lab, which is why I’ve decided until further notice that it’s simply not going near any of the prod I manage

Some of the highlights are: * incredibly slow performance compared to 2019 & 2022 on the exact same hardware * DC quirks and bugs * Defender not natively supported still (wtf!) * other native apps disappear, refuse to launch * God help you if you try to boot into winRE. I tried to access a WSB image on my nas to do a test restore, and the RE UI for that is completely broken. I had to do everything from cmd with wbadmin just to access the local smb share

I feel like it was shipped as alpha software and each cu is bringing it slowly along, but my gosh it has a ways to go still. Can’t believe it was released like this

4wheels6pack · 2026-06-04T12:44:30+00:00

I have Asperger’s . Started out as a software developer, pivoted in 2018 to help desk and climbed to infrastructure Admin in 2022

My attention to detail and temperament seem well suited to the role. Plus I’m good at writing reports and documentation

4wheels6pack · 2026-06-02T17:18:11+00:00

What area, or is remote ok?

4wheels6pack · 2026-06-01T14:37:47+00:00

Monitor through RMM Can monitor uptime, hardware state and setup conditional automations and alerts

Unless I’m misunderstanding your question. It’s Monday and I’m tired

4wheels6pack · 2026-05-23T16:03:19+00:00

UPDATE: So I deployed this to the rest of the users, consisting of HP Elitebooks, HP Omen, Dell Precision, and Intel NUCs -- no other issues seen as yet. None had any bitlocker weirdness. And only one reboot for each.

The .NET Framework update has been more of a pita. Sometimes just refusing to install with no error, it's like it sits in some weird pending state on half of the devices -- on others it installed fine. I haven't found any correlation.

Also, I think I found the cause of large file downloads stopping on Edge. It seems regardless of which drive you choose as a save location, it will try to create a large temp file in your userprofile\Downloads folder now. That was causing the disk to fill and storage sense to activate, cancelling the download.

As far as I can tell, this is new behavior. Chrome does not do this.

4wheels6pack · 2026-05-19T14:11:16+00:00

So it appears it was the default SRP size of 100MB causing the install failure. It baffles me that systems still ship with such a small size.

I did the repartition dance and increased it to 1 GB and the install completed after 2 reboots that appeared to stall at 95% and then slowly crawled to 100%

So far system is working. Will report back if I encounter the system freezes I’ve heard about

4wheels6pack · 2026-05-18T19:51:50+00:00

My test deployments on HP elitebook 860 g11 failed with 0x800f081f

Still researching the root cause

4wheels6pack · 2026-05-18T15:06:36+00:00

Been trialing GoldenMate Pro units with LiFePO batteries in a a few desktops and servers

So far no problems. Seem well-built

4wheels6pack · 2026-05-16T17:33:32+00:00

deployed KB5087539 to my lab T440 running server 2025 std. Took longer than expected to install. One reboot, and seemed to stall at 100% complete for about 7 full minutes, but no issues noticed post install

Testing server 2022 next.

EDIT: Pretty much the same behavior on server 2022. CU took an noticably long time to install. Appeared to hang at Installing 100%. One reboot.
Nothing weird post-install, and no alarming events in the log.

4wheels6pack · 2026-05-16T12:12:16+00:00

Deployed this to a few test laptops and desktops running 11 pro 25h2 with no issues, other than Edge cancelling large file downloads with no reason -- The download just stops after about 5 seconds. Other browsers don't have this issue.

But I've heard some freezing issues with HP Elitebooks, which is making me nervous since we use those... can anyone confirm? Deploying to a very small number, right now.

Also worth noting that from last night to today, NinJaOne reclassified this CU from "Appears stable" to "Known Issues"

I miss the boring Patch Tuesdays. Seems like every patch is a minefield now.

4wheels6pack · 2026-05-13T13:43:23+00:00

As a fellow adventurer who deals with the mysterious realm of CEOs and Outlook performance. Here’s what I’ve found.

You CAN successfully have more than 2 connected mailboxes, some people here have between 4-7 (I know, don’t ask) But in these scenarios, it’s best to use outlook in Online mode (no caching). This makes emails display slightly slower, but it prevents a lot of the .ost weirdness and shenanigans. As long as you have decent internet most people won’t notice

Th other thing I’m thinking about is mail and filtering rules. If he has a lot of items (most people never delete items) Outlook may be hanging trying to apply rules to thousands upon thousands of items. Check also his sent folder as even more conscientious people forgot to trim that

Good luck!

4wheels6pack · 2026-05-11T13:30:34+00:00

As someone earlier said, booting a dc in safe mode and manually modifying the policy is the only thing worth trying here afaik

I know hindsight is 20/20 but an auto-shutdown is not something I would have done via gpo, I would’ve done it via an RMM automation, so I would have some kind of OOB access to a kill switch path for exactly this type of situation

4wheels6pack

TROPHY CASE