Microsoft’s October Home windows 11 updates have damaged the “localhost” performance, making purposes that join again to 127.0.0.1 over HTTP/2Â not operate correctly.
Localhost refers back to the native pc or machine you are at present utilizing, which might be accessed by the particular IP handle 127.0.0.1.
Builders generally use localhost to check web sites or debug purposes, however it can be used by purposes that want to connect with a regionally working service to carry out some motion or question.
After putting in the Home windows 11 KB5066835 Patch Tuesday, and even September’s KB5065789 preview replace, customers are discovering that their purposes are not in a position to full HTTP connections to the localhost (127.0.0.1) IP handle.
When trying to take action, they acquired errors like “ERR_CONNECTION_RESET” or “ERR_HTTP2_PROTOCOL_ERROR”.
These points have been reported by Home windows customers on the Microsoft boards, Stack Trade, and Reddit, all stating they’re not in a position to make HTTP connections to 127.0.0.1.
The bug has impacted broadly used purposes, together with Visible Studio debugging, SSMS Entra ID authentication, and the Duo Desktop app, which verifies machine safety posture and requires connections again to net servers working on the localhost.
“After performing Home windows Updates for Home windows 11 24H2 and 25H2, you might expertise a problem the place the Duo Immediate is unable to achieve Duo Desktop,” reads the Duo assist bulletin.
“This may increasingly forestall profitable authentication (or end in restricted performance) in conditions the place the next are in use: Trusted Endpoints, Insurance policies such because the Duo Desktop & System Well being coverage, Duo Desktop as an Authentication Methodology. Duo Passport. Verified Duo Push with Bluetooth Autofill or Proximity Verification.”
BornCity suggests the next Registry entries assist resolve the issue by disabling the HTTP/2 protocol however BleepingComputer has not been in a position to independently verify this repair.
[HKEY_LOCAL_MACHINESystemCurrentControlSetServicesHTTPParameters]
"EnableHttp2Tls"=dword:00000000
"EnableHttp2Cleartext"=dword:00000000Â
One other methodology that some declare resolved the issue was to put in the newest Microsoft Defender intelligence replace. Nevertheless, others report that it has not fastened the problem on their Home windows gadgets.
As an alternative, the one certain solution to resolve the bug has been to uninstall the October KB5066835 replace and September’s KB5065789 preview replace.
Home windows customers can uninstall the updates utilizing the next instructions:
wusa /uninstall /kb:5066835
wusa /uninstall /kb:5065789
After uninstalling the updates and restarting Home windows, the loopback interface ought to as soon as once more permit HTTP/2 connections, resolving the problems utilizing purposes.
BleepingComputer contacted Microsoft about this bug and can replace our story if we obtain a response.
Be part of the Breach and Assault Simulation Summit and expertise the way forward for safety validation. Hear from high consultants and see how AI-powered BAS is reworking breach and assault simulation.
Do not miss the occasion that can form the way forward for your safety technique
