The latest Windows Update to W11 23H2 may be impacting eduroam (802.1x wireless) networks that have 802.11r* enabled

 *(802.11r is also known as Fast Roaming or Fast Basic Service Set Transition (FT))


UPDATE January 10, 2024: Microsoft has issued a fix for this issue. This issue was resolved in updates released January 9, 2024. It is included in the January 2024 cumulative updates for Windows 11.

UPDATE December 20, 2023: Microsoft has acknowledged the problem and is rolling back the update via their Known Issue Rollback (KIR)

December 18 2023: Institutions are reporting connectivity issues with eduroam (and other 802.1x networks) for Windows devices that recently upgraded to the KB5032288. As more information comes in, it is becoming more evident that the scope of impact is limited to having both Windows Update KB5032288 + 802.1x wireless networks with 802.11r enabled. 802.11r may or may not be enabled on your network. Check with your wireless network administrator.

Impact Scenarios

✅ Devices running Windows Update KB5032288 and 802.11r IS NOT enabled. No impact expected

✅ Devices NOT running Windows Update KB5032288. No impact expected

❌ Devices running Windows Update KB5032288 and 802.11r IS enabled. Loss of connectivity or degraded connections possible

(info) It is not clear if impact is limited to specific wireless NIC vendors, but issues have been reported with Qualcomm and Mediatek NICs

(info) It is not clear if impact is limited to specific EAP types. Impact has been reported with EAP-PEAP and EAP-TLS

 Workarounds and Resolution

After numerous reports, the following workarounds have reportedly resolved the issue. There is no permanent fix reported by Microsoft at this time (Dec. 19 2023).

  • Hold off on deploying Windows Update KB5032288 in your managed environment until a fix is available
  • Rollback Windows Update KB5032288 on the endpoint
  • Disable 802.11r in the 802.1x (eduroam) wireless network

Resources:


  • No labels