"Fixed" .NET Framework Updates Still Cause High CPU on AAD Connect Servers

Friday, July 20, 2018
AKA - "What's that burning smell?" or "Why does my server sound like a Boeing 747?"

Continuing my rant about buggy Windows Updates -- especially .NET Framework -- I've found that even the latest "fixed" .NET Framework updates still cause high CPU on AAD Connect servers.


On Windows Server 2012 R2 the offending update is 2018-07 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Server 2012 R2 for x64 (KB4340558). This "quality" rollup is actually a package that contains three different .NET Framework updates:
  • KB4338415 - Security and Quality Rollup updates for .NET Framework
  • KB4338419 - Security and Quality Rollup updates for .NET Framework
  • KB4338424 - A rollup update that is not available as a stand-alone package
It turns out that KB4338419 is the real offender: it causes a race condition in the Microsoft.Identity.Health.AadSync.MonitoringAgent.Startup.exe process. If your AAD Connect server is experiencing high CPU for this process, uninstall KB4338419 or the entire KB4340558 package.

Be advised:
  • There are different KB packages for different OSes. Find the update that matches your OS in "installed updates".
  • Uninstalling these updates requires a restart (again).
  • .NET will recompile its assemblies when the computer restarts (again).
  • Windows Update will recommend installing these updates again. Do not install them. Better yet, hide them so Windows Update no longer offers them.
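
The check described above can be scripted. The following PowerShell is an added example, not part of the original post: it samples the monitoring agent's CPU use, looks for KB4338419, and prints (without running) the uninstall command. The sampling window and the "high CPU" threshold are assumptions, and the KB number is the Server 2012 R2 one named in the post.

```powershell
# Added example (not from the original post). Run from an elevated prompt.
$ProcessName  = 'Microsoft.Identity.Health.AadSync.MonitoringAgent.Startup'
$SuspectKBs   = @('KB4338419')  # Server 2012 R2 ID from the post; other OSes use different KBs
$SampleSecs   = 10              # assumption: length of the sampling window
$CpuThreshold = 50              # assumption: percent of total CPU treated as "high"

function Get-ProcessCpuPercent {
    param([string]$Name, [int]$Seconds)
    # CPU is cumulative processor time in seconds, so sample twice and take the delta.
    $before = Get-Process -Name $Name -ErrorAction SilentlyContinue
    if (-not $before) { return $null }
    $t0 = ($before | Measure-Object -Property CPU -Sum).Sum
    Start-Sleep -Seconds $Seconds
    $after = Get-Process -Name $Name -ErrorAction SilentlyContinue
    if (-not $after) { return $null }
    $t1 = ($after | Measure-Object -Property CPU -Sum).Sum
    # Normalise by logical core count so 100 means every core is saturated.
    $cores = [Environment]::ProcessorCount
    [math]::Round((($t1 - $t0) / ($Seconds * $cores)) * 100, 1)
}

$installed = @(Get-HotFix -Id $SuspectKBs -ErrorAction SilentlyContinue)
$cpu       = Get-ProcessCpuPercent -Name $ProcessName -Seconds $SampleSecs

if ($null -eq $cpu) {
    Write-Output "$ProcessName is not running."
} else {
    Write-Output "$ProcessName used $cpu percent CPU over $SampleSecs seconds."
}

foreach ($hf in $installed) {
    Write-Output ("Installed: {0} (installed on {1})" -f $hf.HotFixID, $hf.InstalledOn)
}

if ($installed.Count -gt 0 -and $null -ne $cpu -and $cpu -ge $CpuThreshold) {
    Write-Output 'High CPU with a suspect update present. To uninstall (restart required afterwards):'
    foreach ($hf in $installed) {
        # wusa.exe takes the KB number without the "KB" prefix.
        Write-Output ('  wusa.exe /uninstall /kb:{0} /norestart' -f ($hf.HotFixID -replace '^KB', ''))
    }
} else {
    Write-Output 'No action suggested: suspect update absent or CPU below threshold.'
}
```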