KB5071506: Overview with user sentiment and feedback
Last Updated January 30, 2026
Probability of successful installation and continued operation of the machine
Overview
This security-only update for Windows Server 2008 R2 addresses a security vulnerability in PowerShell 5.1. The Invoke-WebRequest command now includes a confirmation prompt with a security warning of a script execution risk, allowing users to choose whether to continue or cancel the request. This update also resolves several other security vulnerabilities, details of which can be found in the Deployments | Security Update Guide and the December 2025 Security Updates.
General Purpose
The key purpose of this update is to address a security vulnerability in PowerShell 5.1 by adding a confirmation prompt when using the Invoke-WebRequest command. This helps prevent potential script execution risks. Additionally, the update resolves several other security vulnerabilities in Windows Server 2008 R2 to improve the overall security of the system.
General Sentiment
The general sentiment towards this update is mixed. On the positive side, it addresses important security vulnerabilities and takes steps to improve PowerShell security. However, the update also introduces a known issue related to Message Queuing (MSMQ) functionality, which could impact enterprise or managed IT environments. Users may experience issues with MSMQ queues becoming inactive, IIS sites failing, and applications unable to write to queues. This known issue is a significant concern and may outweigh the benefits of the update for some organizations.
Known Issues
- After installing this update, users may face issues with the Message Queuing (MSMQ) functionality. This issue also impacts clustered MSMQ environments under load. Users may encounter the following symptoms: - MSMQ queues becoming inactive - IIS sites failing with "Insufficient resources to perform operation" errors - Applications unable to write to queues - Errors such as "The message file 'C:WindowsSystem32msmqstorage*.mq' cannot be created" when creating message files - Misleading logs, such as "There is insufficient disk space or memory", despite sufficient disk space and memory being available- This issue is caused by recent changes to the MSMQ security model and NTFS permissions on the C:WindowsSystem32MSMQstorage folder. MSMQ users now require write access to this folder, which is normally restricted to administrators.
Disclaimer: We take measures to ensure that AI-generated content is of the highest possible quality, but we cannot guarantee its accuracy and recommend that users do their own independent research. Generated on 2026-01-30 01:20 PM
