Azure Stack Hub hotfix 1.2005.42.126


  • Accounted for some ghost NIC scenarios when deleting a resource group.
  • Improved reliability of process watchdog.
  • Fixed bugs that increased memory pressure on infrastructure.

Fixes rolled up from previous hotfix releases

  • Patched missing Hyper-V endpoint, enabling compute control plane operations to call the appropriate endpoint.
  • Fixed a bug in which BCDR runner logs filled up MASLogs folders on physical hosts.
  • Added monitoring for WMI and remediation.
  • Enhanced idempotent logic in handling malfunctioning TPMs.
  • Fixed an issue in which uninstalling some extensions put previously deployed extensions into a failed state.
  • Fixed an issue in which partner node certificates required by nchostagent might be deleted.
  • Fixed VM NICs getting a different hardware identifier after VM is deallocated and restarted.
  • Fixed an issue in which infrastructure VM deployment can fail after applying a hotfix.
  • Fixed an issue in which a secondary blob data partition cannot be loaded in some error cases.
  • Fixed a bug in local health system that potentially increased memory pressure on infrastructure.
  • Patched SDN-related binaries on the physical nodes.
  • Fixed an invalid state in Storage resource provider for storage accounts migrated from 1910 with suspended state.
  • Improved resiliency of VM provisioning, extension, and image operations.
  • Added PEP to retrieve current registration details, stale object cleanup for Remove-Registration.
  • Improved reliability of log collection for SDN roles by collecting on file share.
  • Fixed an issue that erroneously raises an alert: "Node inaccessible for VM Placement."
  • Removed invalid repair interface for seedringservices.
  • Improved SDN network reliability on the physical nodes.
  • Disabled winrm runner
  • Fixed a bug check and enforced external key protectors on cluster shared volumes.
  • Fixed an issue in which a storage account might be partially restored due to a KVS race condition in the SRP background usage job.
  • Fixed an issue in which a virtual subnet was not being cleaned up if the tunnel was moved to a different GW VM and then the VGW was deleted.
  • Fixed an issue that could cause registration and internal secret rotation to fail.
  • Fixed an issue in the internal secret rotation, which might cause a failure in the next update.
  • Added memory-specific settings to crash dump settings.
  • Restarted SQL VMs to mitigate potential issue with database access that affected access to portal.
  • Remediated SMB handle invalidation issue triggered by ESENT error 59 event in TableServer.
  • Included AzsInfraRoleSummary Test-Azurestack test as UpdateReadiness.
  • Remediated ERCS memory pressure during patch & update.
  • Include deployment provider identity certificate into the internal secret rotation.
  • Improved Network Controller stability.
  • Increased Network Controller log retention to aid in diagnosis.
  • Added Get-NetView as a part of Get-AzureStackLog collection by default.
  • Fixed an issue where marketplace downloads could fail due to a certificate validation error.
  • Improved HealthAgent binary switchover logic.
  • Improved cluster shared volumes rebalance after Patch & Update (PnU).
  • Used ADSI to fetch localgroup members in HealthAgent.
  • Added the missing records, when WASP VMs fail to synchronize records and zones by using DNS cmdlet during scale in and scale out.
  • Improved storage service reliability during PnU.
  • Removed public IP quota validation that caused an issue when creating an internal load balancer.
  • Improved reliability of VM deletion: ensure new VMs that could not be fully created or added to the cluster are deleted.
  • Check and enforce key protectors on cluster shared volumes.
  • Fixed "access denied" issue causing update and admin operations to fail.
  • Fixed WhsFaultScanner to re-launch when it gets stuck to make sure alerts are correctly generated for users.
  • Fixed orchestration bug that prevented storage regeneration telemetry events from being emitted.
  • Fixed an issue which impacted the reliability of downloading subsequent updates.
  • Improved ability to diagnose failures based on orchestrator telemetry.
  • Fixed SRP race condition in moving system storage accounts to system internal subscription during 2005 PnU.
  • Fixed time unit scaling error in the server latency metrics
  • Restarted SQL VMs to mitigate potential issue with database access that affected access to portal.
  • Fixed an issue in which the configuration of the retention period for deleted storage accounts was reverted.
  • Improved reliability of storage blob and table service.
  • Addressed issue in the Send-AzureStackDiagnosticLog PEP cmdlet.
  • Increased the HRP repair time when an update failure occurs.

Hotfix information

To apply this hotfix, you must have version 1.2005.6.53 or later.


As outlined in the release notes for the 2005 update, make sure that you refer to the update activity checklist on running Test-AzureStack (with specified parameters), and resolve any operational issues that are found, including all warnings and failures. Also, review active alerts and resolve any that require action.

File information

Download the following files. Then, follow the instructions on the Apply updates in Azure Stack page on the Microsoft Docs website to apply this update to Azure Stack.

Download the zip file now.

Download the hotfix xml file now.

More information

Azure Stack Hub update resources

Apply updates in Azure Stack

Monitor updates in Azure Stack by using the privileged endpoint