Windows 11 updates break localhost (127.0.0.1) HTTP/2 connections
by Lawrence Abrams · BleepingComputerUpdate 10/17/25: Microsoft fixes the bug using a KIR (Known Issue Rollback) update. More information added to end of story.
Microsoft's October Windows 11 updates have broken the "localhost" functionality, making applications that connect back to 127.0.0.1 over HTTP/2 no longer function properly.
Localhost refers to the local computer or device you're currently using, which can be accessed through the special IP address 127.0.0.1.
Developers commonly use localhost to test websites or debug applications, but it can also be used by applications that need to connect to a locally running service to perform some action or query.
After installing the Windows 11 KB5066835 Patch Tuesday, and even September's KB5065789 preview update, users are finding that their applications are no longer able to complete HTTP connections to the localhost (127.0.0.1) IP address.
When attempting to do so, they received errors like "ERR_CONNECTION_RESET" or "ERR_HTTP2_PROTOCOL_ERROR".
These issues have been reported by Windows users on the Microsoft forums, Stack Exchange, and Reddit, all stating they are no longer able to make HTTP connections to 127.0.0.1.
The bug has impacted widely used applications, including Visual Studio debugging, SSMS Entra ID authentication, and the Duo Desktop app, which verifies device security posture and requires connections back to web servers running on the localhost.
"After performing Windows Updates for Windows 11 24H2 and 25H2, you may experience an issue where the Duo Prompt is unable to reach Duo Desktop," reads the Duo support bulletin.
"This may prevent successful authentication (or result in limited functionality) in situations where the following are in use: Trusted Endpoints, Policies such as the Duo Desktop & Device Health policy, Duo Desktop as an Authentication Method. Duo Passport. Verified Duo Push with Bluetooth Autofill or Proximity Verification."
BornCity suggests the following Registry entries help resolve the problem by disabling the HTTP/2 protocol but BleepingComputer has not been able to independently confirm this fix.
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters]
"EnableHttp2Tls"=dword:00000000
"EnableHttp2Cleartext"=dword:00000000
Another method that some claim resolved the problem was to install the latest Microsoft Defender intelligence update. However, others report that it has not fixed the issue on their Windows devices.
Instead, the only sure way to resolve the bug has been to uninstall the October KB5066835 update and September's KB5065789 preview update.
Windows users can uninstall the updates using the following commands:
wusa /uninstall /kb:5066835
wusa /uninstall /kb:5065789
After uninstalling the updates and restarting Windows, the loopback interface should once again allow HTTP/2 connections, resolving the issues using applications.
BleepingComputer contacted Microsoft about this bug and will update our story if we receive a response.
Update 10/17/25: Microsoft has confirmed they are aware of the issue and have released a Known Issue Rollback (KIR) update to fix the bug.
"We are actively working on mitigations and recommend customers follow our guidance available here," a Microsoft spokesperson told BleepingComputer.
In the support bulletin, Microsoft explains that the flaw is related to applications that rely on the HTTP.sys driver.
"Following installation of updates releases on or after September 29 (KB5066835), server-side applications that rely on HTTP.sys may experience issues with incoming connections. As a result, IIS websites might fail to load, displaying a message such as "Connection reset - error (ERR_CONNECTION_RESET)", or similar error. This includes websites hosted on http://localhost/, and other IIS connections," explains Microsoft.
"This issue is caused by a variety of conditions which can be influenced by the device's internet connectivity, as well as timing of recent update installation and device restarts. For this reason, it is possible that it may not be observed in some environments despite having installed the update mentioned above."
To fix the flaw, Microsoft says Windows users can open Windows Update and check for new updates to receive the KIR update:
- On the affected device, open "Windows Update" in the "Windows Settings" app. This can be accomplished by opening the start menu, typing "check for updates", and selecting from the results to the right
- Click on "Check for updates". Allow any updates to install.
- Restart your device. Note: please restart your device even if no updates are installed in the previous step.
Once you restart Windows, the localhost connection issues should be resolved.
Picus Blue Report 2025 is Here: 2X increase in password cracking
46% of environments had passwords cracked, nearly doubling from 25% last year.
Get the Picus Blue Report 2025 now for a comprehensive look at more findings on prevention, detection, and data exfiltration trends.