Latest update to Windows 10 has a bug that could break VPN services

Microsoft has announced a bug in the Windows 10 May 2019 Update which could hamper the operation of virtual private networks (VPNs). The issue affects the Remote Access Connection Manager service, which is what Windows uses to manage connections to a VPN.

Remote Access Connection Manager, also known as RASMAN, needs to run in the background for always-on VPNs to work, or for VPN users who connect to the internet via dial-up. If the service stops working, it will interfere with these users’ VPN connections.

Given how many people around the world use a VPN to access the internet, whether for security reasons or convenience, there are millions of users who could be affected by this bug. It affects the latest version of Windows 10, KB4501375 (OS Build 18362.207), which was released on June 27.

“The Remote Access Connection Manager (RASMAN) service may stop working and you may receive the error ‘0xc0000005’,” Microsoft warns on an updated support page. “You may also receive an error in the Application section of Windows Logs in Event Viewer with Event ID 1000 referencing ‘svchost.exe_RasMan’ and ‘rasman.dll’.”

Microsoft does say, “This issue only occurs when a VPN profile is configured as an Always On VPN (AOVPN) connection with or without device tunnel. This does not affect manual only VPN profiles or connections.” But many people use always on VPN, especially in enterprise environments or if they are browsing from countries with severe censorship restrictions or high levels of government surveillance.

There is a workaround for the issue available, by changing a value in the group policy settings. Find the setting at Computer Configuration>Administrative Templates>Windows Components>Data Collection and Preview Builds>Allow Telemetry and change the value of Safe Policy Setting to Enabled and set it to 1 (Basic), 2 (Enhanced), or 3 (Full).

There’s also an alternative method, but it requires editing a Windows Registry file. If you’re confident with the Registry, you can locate the value for the SubKey HKEY_LOCAL_MACHINE>SOFTWARE>Policies>Microsoft>Windows>DataCollection, and change the AllowTelemetry setting to a value of 1 (Basic), 2 (Enhanced), or 3 (Full).

If you’d rather not play with registry files or group policy settings, you can wait for Microsoft to roll out a fix, which it estimates will be available later this month.