Windows 11 24H2 KB5055523 has yet another bug that causes issues with SAP GUI. Previously, I found that this month’s security update breaks Windows Hello, but that’s not all, we’re also seeing reports of SAP GUI crashes, and Event Viewer shows an error in ntdll.dll with SAPLogon.exe, 0xc0000409 and 0x000b1c30 error codes.
I asked Microsoft for more details, but I haven’t heard back from the company yet. However, Windows Latest spotted a support document on CrowdStrike’s website that seems to explain what’s going on. Windows Latest understands that a bug in KB5055523 causes Windows 11 and CrowdStrike Falcon (a security app) to conflict with each other.
While the conflict does not break the operating system, it causes issues with some apps, including SAP GUI, which crashes or fails to open. If you open Event Viewer, you’ll see an error called ntdll.dll, generated for SAPLogon.exe:
- Saplogon.exe, version: 8000.1.7.1161
- Faulting module name: ntdll.dll, version: 10.0.26100.3775
- Exception code: 0xc0000409
- Fault offset: 0x000b1c30
- Location of the faulty app: Faulting application path: C:Program Files (x86)SAPFrontEndSAPguisaplogon.exe with affected module in C:WINDOWSSYSTEM32ntdll.dll
In a support document, CrowdStrike noted that some apps crash immediately when you install Windows 11 KB5055523 and the AUMD feature in CrowdStrike Falcon Sensor is turned on.
What is the AUMD feature? Falcon Sensor’s Additional User-Mode Data (AUMD) is a built-in feature that collects information about how apps behave, run in the background and tries to detect strange or harmful behaviour to protect the OS and data.
In a separate support document, only accessible to SAP employees or those who use SAP in their organization, SAP also confirmed a bug where you won’t be able to access the SAP GUI after Windows 11 KB5055523.
“After the update of Windows KB5055523, SAP GUI for Windows cannot be used anymore,” SAP noted in a support document seen by Windows Latest. “Either SAP GUI does not start, or nothing happens after you try to connect to a SAP system.”
SAP has observed these issues with SAP GUI 800 32-bit when used with Crowdstrike Falcon and Windows 11 24H2 cumulative update.
How do you fix SAPLogon.exe crashes after Windows 11 April 2025 Update (version 24H2)?
We recommend rolling back the Windows Update manually using Command Prompt or PowerShell. However, you can also turn off AUMD in Falcon Sensor if you can. This will fix all the issues with SAP GUI.
You can also wait for an update from CrowdStrike, which is working with SAP and Microsoft on a potential fix.
As I mentioned at the outset, Windows 11 April 2025 Update has several other problems, including a bug where Windows Hello completely stops working, especially when you turn off the camera.
Windows Hello does not use the RGB camera (normal camera) for sign-in, so that’s something most people turn off for privacy reasons. However, Windows Hello is broken after the Windows 11 April 2025 Update, as a bug incorrectly blocks the infrared camera.
The post Windows 11 24H2 breaks SAP GUI (SAPLogon.exe) with ntdll.dll error (0xc0000409) appeared first on Windows Latest
Source: Read MoreÂ