
Microsoft has confirmed that its December 2025 Windows security update (KB5071546, OS Build 19045.6691) is causing Message Queuing (MSMQ) failures, leading to widespread IIS site crashes.
First reported on December 12 and last updated December 16, the problem manifests under load, particularly in clustered setups, disrupting critical messaging workflows.
Affected users report MSMQ queues going inactive, preventing applications from writing messages. IIS-hosted sites throw “Insufficient resources to perform operation” errors, halting services despite ample disk space and memory.
Specific failures include errors like “The message file ‘C:\Windows\System32\msmq\storage\*.mq’ cannot be created,” alongside misleading logs claiming “insufficient disk space or memory.”
These symptoms stem from recent hardening in MSMQ’s security model, which tightened NTFS permissions on the C:\Windows\System32\MSMQ\storage folder. MSMQ users now require explicit write access to this folder, which was previously admin-only, and the MSMQ API fails when they send messages without it.
The flaw does not affect consumer setups: Windows Home or Pro editions on personal devices face negligible risk. Enterprise IT admins, however, bear the brunt, with Windows Server 2019, 2016, 2012 R2, and 2012 hit hardest, alongside clients like Windows 10 versions 22H2, 21H2, 1809, and 1607.
Microsoft acknowledges the issue on its support portal, attributing it to overzealous permission changes in the patch released December 9. “We are investigating and will provide updates,” the company states.
For now, no public patch exists; IT teams must contact Microsoft Support for business to deploy a targeted workaround restoring folder access without compromising security.
This glitch underscores the double-edged sword of monthly Patch Tuesday updates. MSMQ, a legacy but vital Windows component for reliable queued messaging in distributed apps, underpins countless enterprise systems from financial transaction processors to industrial control setups. When paired with IIS, failures cascade, potentially idling web services and triggering outages during peak loads.
Security teams should scan environments immediately. Tools like PowerShell’s Get-HotFix or WSUS reports can flag KB5071546 deployments. Rollback remains an option for non-clustered systems, but clustered admins risk data loss.
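As an added example (not Microsoft's code and not part of the original report), the following read-only PowerShell audit combines the Get-HotFix check mentioned above with a look at the service and at who can currently create files in the MSMQ storage folder. The function name `Get-MsmqUpdateExposure` is hypothetical, and the script assumes the Message Queuing service is registered as `MSMQ` and that remote hosts, if any are passed, accept PowerShell remoting.

```powershell
# Added example: read-only audit; it changes nothing on the hosts it inspects.
function Get-MsmqUpdateExposure {          # hypothetical helper name
    param(
        [string[]]$ComputerName = $env:COMPUTERNAME,
        [string]$KbId = 'KB5071546',                               # update named in the article
        [string]$StoragePath = 'C:\Windows\System32\msmq\storage'  # folder named in the article
    )
    $audit = {
        param($KbId, $StoragePath)
        $hotfix  = Get-HotFix -Id $KbId -ErrorAction SilentlyContinue
        $service = Get-Service -Name 'MSMQ' -ErrorAction SilentlyContinue  # assumed service name
        $writers = @()
        $acl = Get-Acl -LiteralPath $StoragePath -ErrorAction SilentlyContinue
        if ($acl) {
            # CreateFiles is the right needed to create new *.mq files in the folder.
            # ACEs that use raw generic rights are not expanded by this simple check.
            $create = [int][System.Security.AccessControl.FileSystemRights]::CreateFiles
            $writers = @($acl.Access |
                Where-Object { $_.AccessControlType -eq 'Allow' -and
                               (([int]$_.FileSystemRights -band $create) -ne 0) } |
                ForEach-Object { $_.IdentityReference.Value } | Sort-Object -Unique)
        }
        [pscustomobject]@{
            Computer       = $env:COMPUTERNAME
            MsmqInstalled  = [bool]$service
            MsmqStatus     = if ($service) { "$($service.Status)" } else { 'n/a' }
            KbInstalled    = [bool]$hotfix
            InstalledOn    = if ($hotfix) { $hotfix.InstalledOn } else { $null }
            StorageWriters = $writers -join '; '
            # A host is worth a closer look only when both MSMQ and the update are present.
            NeedsReview    = [bool]$service -and [bool]$hotfix
        }
    }
    foreach ($c in $ComputerName) {
        if ($c -eq $env:COMPUTERNAME) {
            & $audit $KbId $StoragePath                # local host: no remoting needed
        } else {
            Invoke-Command -ComputerName $c -ScriptBlock $audit -ArgumentList $KbId, $StoragePath
        }
    }
}

Get-MsmqUpdateExposure | Format-List
```

Run it from an elevated session so the ACL on the System32 folder can be read; hosts with `NeedsReview = True` whose application or IIS app-pool identities are missing from `StorageWriters` match the failure condition described above.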
As ransomware and supply-chain threats loom, such update-induced disruptions highlight the need for staged testing. Microsoft promises resolution soon, but proactive outreach to support is key. Enterprises delaying contact risk prolonged downtime in an already volatile threat landscape.
