January Windows updates may fail if Citrix SRA is installed

Microsoft is warning that the January 2025 Windows 11 and Windows 10 cumulative updates may fail if Citrix Session Recording Agent (SRA) version 2411 is installed on the device.

As part of today's January 2025 Patch Tuesday, Microsoft released the Windows 11 KB5050009 and Windows 10 KB5049981 updates to fix numerous security vulnerabilities, including zero-day flaws.

The release notes for both updates warn that they may fail to install on devices with Citrix Session Recording Agent (SRA) version 2411 installed.

"Affected devices might initially download and apply the January 2025 Windows security update correctly, such as via the Windows Update page in Settings," reads the KB5050009 support bulletin.

"However, when restarting the device to complete the update installation, an error message with text similar to "Something didn't go as planned. No need to worry – undoing changes" appears."

"The device will then revert to the Windows updates previously present on the device."

Microsoft says this issue should only impact a limited number of organizations, as SRA 2411 was released at the end of November. Home users are not expected to be impacted.

Citrix and Microsoft are working together to resolve this issue, but in the meantime, Citrix has released a support bulletin that contains a basic workaround.

"As a workaround, stop the Session Recording Monitoring service, install the Microsoft security update, and enable the Session Recording Monitoring service," explains the Citrix support bulletin.

Citrix says that the January 2025 security update is failing as it's unable to update some drivers while Session Recording 2411 is installed. 

To disable the Session Recording Monitoring service, follow these steps:

1. Go into the Services Management Console by pressing Win + R, typing services.msc, and pressing Enter.
2. Scroll down until you see Citrix Session Recording Monitor Service.
3. Right-click on the service and select Properties.
4. Click the Stop button to stop the service, and once stopped, set it to "Disabled" and press the OK button.
5. You can now install the January Windows updates.
6. When the updates are installed, enable the service by repeating the above steps, but this time setting it to "Automatic" and then clicking the Start button.

Citrix also shared steps for disabling the service through PowerShell and the Windows Command Prompt.

The latest Windows updates should now be installed, and you are protected from the latest security vulnerabilities.

FBI Wraps Up Eradication Effort of Chinese 'PlugX' Malware

Allstate car insurer sued for tracking drivers without permission

Free online web security scanner