Did a Microsoft patch break Hyper-v For You? Me too! Luckily there's a fix.

A while back there was quite the buzz about the Meltdown/Spectre vulnerabilities related to x86 code on AMD and Intel processors. There were firmware updates, patches, and general hysteria for about a week. Well, as it turns out, windows server patch kb4056898 decided to break one of my hyper-v hosts. The patch prevented any VMs from starting. The only immediate fix was to remove the patch. 

Well, as it turns out, that patch got rolled into newer patches. Basically any Security rollup after January 2018 contains the patch. So removing the patch every month wasn't really an option. But without fail, the VMs on this isolated host would just go down every time the server was patched. Well, after much reading, and searching, it turns out that this security update had Registry Keys that had to be modified, manually.... Microsoft strikes again. 

Well, I finally stumbled upon a thread that covers the whole thing rather in depth:

https://community.spiceworks.com/topic/2104499-jan-2018-windows-updates-kb4056898-causing-hyper-v-guests-crash

And just in case anyone else has run into this buzzsaw, keep in mind this would also effect Docker as well, here are the steps to get things back to normal:

Do all of this from and elevated command prompt:

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverride /t REG_DWORD /d 3 /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverrideMask /t REG_DWORD /d 3 /f

Restart the server for the changes to take effect.

Enable the fix

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverride /t REG_DWORD /d 0 /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverrideMask /t REG_DWORD /d 3 /f
reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Virtualization" /v MinVmVersionForCpuBasedMitigations /t REG_SZ /d "1.0" /f

Restart the server for the changes to take effect.

And voila! Your VMs will start right up. Also keep in mind that I had the issue on Server 2016, while in the article, he has the issue on 2012 R2. So this isn't specific to the OS version it seems.