I recently installed some Windows Server 2008 updates (March 2012) that required a reboot. I was working from my remote connection down the hall. After I allowed the required reboot of the server, I went to lunch. When I got back and tried to log on remotely I was told the connection was not available. Several more tries gave partial logon, no logon, an error message box or some other non-connect.
After an initial period of panic (it's a live system), I went to the vault where the server is located and was able to log on with no problem.
What had I done? I had OKed an upgrade to SP1 ( a huge number of MBytes ), and I had rebooted from a remote connection.
Long story short:I was not alone in having this problem just after updating to SP1. Lots of research later, I went to look at the update history. One stood out as related to remote desktop. It was KB2667402. It seems there was a exploit allowing a malicious person to take control of the server easily. I set them up with the original installation, and I went home. I now know, however, that SP1 wasn't the problem; it was the single KB upgrade
As with most instances like this, I had the answer at 3:00 am, and I couldn't let it go. I went in on Saturday, the next day, when no one was using the school system. I first un-updated KB2667402 and rebooted. Problem gone! Then it dawned on me that there was a reason the server hadn't finished booting after I came back from lunch: I had tried to install an update of the remote connection system, but the system was in use (I was updating remotely), and it didn't update the .dll concerned appropriately.
The fix: I re-updated singly KB2667402. All that required was unchecking the others in the list. I rebooted, and the problem was gone. If you get an update for KB2667402, make sure you have no remote connections active, and then do the update directly on the server - not through a remote connection.
The moral: If you're doing updates, do them from the highest authority directly at the server. Good luck.
