Windows 10 December Update Breaks MSMQ, Causes App and IIS Failures

A recent cumulative update for Windows 10, specifically the December 2025 release identified as KB5071546, has introduced significant disruptions for businesses and IT administrators by breaking Microsoft Message Queuing (MSMQ) functionality.

This issue primarily affects enterprise environments, as consumer versions of Windows typically do not have MSMQ installed or enabled, nor do their applications rely on this component.

The Core Problem: MSMQ Service Failures

The December 2025 Patch Tuesday update has been confirmed by Microsoft to cause issues with the MSMQ service, a critical component for asynchronous communication between applications. This disruption has led to a cascade of failures, impacting various business-critical operations and services.

MSMQ, or Microsoft Message Queuing, is designed to allow applications to send messages to a queue for later processing by another application or service. Its role in enterprise environments is substantial, facilitating background tasks, transaction processing, inventory management, and integration with legacy systems.

When MSMQ fails, these essential background tasks can halt, directly impacting the primary applications or websites that depend on them. The implications are far-reaching, potentially causing significant downtime and operational paralysis for businesses.

Symptoms of the December Update’s Impact

Administrators and users have reported a range of alarming symptoms following the installation of the problematic update. These issues manifest in several key areas, disrupting normal operations and leading to confusion due to misleading error messages.

One of the most common indicators is the MSMQ service becoming inactive or queues becoming unresponsive. This directly prevents applications from writing messages, effectively stopping the flow of communication that MSMQ is designed to facilitate.

Internet Information Services (IIS) sites are also severely affected, frequently failing with “Insufficient resources to perform operation” errors. This is particularly concerning as these errors occur even when systems have ample disk space and memory, suggesting a configuration or permission issue rather than a genuine resource shortage.

Applications are unable to write to queues, and users may encounter errors such as “The message file ‘C:\Windows\System32\msmq\storage*.mq’ cannot be created.” This specific error points towards a problem with file system access, a critical clue to the underlying cause.

Furthermore, systems might display misleading log entries that falsely report “There is insufficient disk space or memory,” despite adequate resources being available. This misdirection complicates troubleshooting efforts for IT teams already under pressure to restore services.

The Root Cause: Security Hardening and Permission Changes

Microsoft has identified the root cause of these widespread MSMQ failures. The December 2025 security update, KB5071546, introduced changes to the MSMQ security model and consequently altered NTFS permissions on the `C:WindowsSystem32MSMQstorage` folder. This folder is crucial for MSMQ’s operation, storing message files.

The update tightened security by requiring MSMQ users to have write access to this folder, which is typically restricted to administrators. This change, intended as a security measure, inadvertently created a conflict with how MSMQ and its dependent applications function, as they require write permissions to this directory to operate correctly.

As a result, attempts to send messages via MSMQ APIs fail with resource errors, even though the underlying issue is a lack of necessary file system permissions for the service accounts. This permission mismatch is the direct trigger for the observed service outages and application failures.

Affected Systems and Versions

The impact of this update is primarily concentrated on enterprise and managed IT environments, with specific Windows versions being more susceptible. Consumer-grade Windows editions are generally unaffected because MSMQ is not a standard component in those installations.

Affected server operating systems include Windows Server 2019 and Windows Server 2016. The issue has also been observed on Windows Server 2012 R2 and Windows Server 2012.

On the client side, Windows 10 version 22H2 is prominently mentioned as affected. Other Windows 10 versions, including 21H2, 1809, and 1607, have also been reported to experience these problems, particularly if they are on extended security updates and received the December patch.

Clustered MSMQ environments are particularly vulnerable, especially when operating under heavy load, as the failures can manifest more severely in such configurations.

Immediate Workarounds and Mitigation Strategies

Given the critical nature of these failures, IT administrators have sought immediate solutions to restore functionality. Microsoft has acknowledged the issue and provided guidance, though a permanent fix requires specific actions.

One of the most direct, albeit temporary, solutions is to uninstall the problematic Windows 10 update, KB5071546. This action immediately restores MSMQ functionality, allowing systems to return to normal operation while a permanent solution is investigated.

For organizations that cannot immediately uninstall the update or require a more integrated solution, Microsoft has offered a workaround. This workaround involves adjusting the NTFS permissions on the `C:WindowsSystem32MSMQstorage` folder to grant write access to the necessary service accounts, such as `NT AUTHORITYNETWORK SERVICE` or other accounts used by dependent applications. This effectively reverts the permission change introduced by the update, allowing MSMQ to function correctly.

To apply this workaround, affected organizations are advised to contact Microsoft Support for business. This is because the precise implementation might vary based on specific configurations, and Microsoft can provide tailored guidance.

Some reports suggest that restarting the Message Queuing service and ensuring dependent services like Distributed Transaction Coordinator are set to start automatically can help in certain scenarios. Re-registering MSMQ components or applying subsequent cumulative updates released after December might also resolve the behavior for some, though an out-of-band update (KB5074976) was specifically released to address these MSMQ failures.

Microsoft’s Response and Future Outlook

Microsoft has officially acknowledged the issue, listing it as a known problem in the release notes for the December 2025 security updates. The company is actively investigating and working on a permanent resolution.

An out-of-band update, KB5074976, was released on December 19, 2025, specifically to address these critical MSMQ failures. This update is not delivered through the standard Windows Update channel and must be downloaded manually from the Microsoft Update Catalog.

For those who have encountered the MSMQ issues, installing this out-of-band update, followed by a system reboot, should restore MSMQ functionality. Organizations should ensure they download and apply this specific update to rectify the problem permanently.

Microsoft also recommends that IT teams manage unexpected Windows update issues with speed and experience, suggesting proactive monitoring and structured update testing to prevent future disruptions. The company’s acknowledgment and subsequent release of an out-of-band update demonstrate a commitment to resolving critical issues, though the initial impact highlights the importance of thorough testing before broad deployment of security patches.

The Broader Implications for IT Management

The incident involving the December Windows 10 update and MSMQ failures underscores several critical points for IT infrastructure management. It highlights the delicate balance between security hardening and operational continuity, especially for legacy systems that remain vital to many businesses.

The reliance on MSMQ in enterprise environments, despite its age, demonstrates that not all legacy components can be easily retired. These systems often underpin complex business processes and integrations that are costly and time-consuming to replace.

This event also emphasizes the importance of a robust update management strategy. Staged rollouts of updates, thorough testing in non-production environments, and having well-defined rollback procedures are essential to mitigate the impact of unexpected issues.

Furthermore, the need for direct communication and support from vendors like Microsoft during critical incidents cannot be overstated. The guidance to contact Microsoft Support for business for workarounds indicates that complex issues may require specialized assistance beyond standard documentation.

Finally, the incident serves as a reminder of the potential risks associated with security updates. While crucial for protecting systems from external threats, these updates can sometimes introduce unforeseen compatibility problems that disrupt internal operations, creating a complex security paradox for IT administrators.