Due to the time correction function of Windows, the clock sometimes shifts by several months and is reset

In Windows, there seems to be a situation where the system clock is reset every few days to several months. It is pointed out that the cause of this situation is a function called 'Secure Time Seeding' introduced in 2016.

Windows feature that resets system clocks based on random data is wreaking havoc | Ars Technica

According to the news site Ars Technica, in the Norwegian data center, the system clock was reset to `` 55 days later '', and the phone number waiting to change the mobile phone company was `` already changed '' On the other hand, it seems that it has become a serious problem that the number that has already been changed becomes 'work pending'.

In fact, a similar situation occurred in August 2022, and Mr. Ziemen, an engineer who revealed only his first name to Ars Technica, pursued the cause this time. And I found that it was due to the function called 'Secure Time Seeding' of Windows.

If the Windows system clock is out of order, it will affect many things, such as parsing digital certificate timestamps and running jobs. Secure Time Seeding is a function that allows you to maintain accurate time even when the machine is turned off so that such a situation does not occur.

One way to adjust the clock is to use an NTP server, but according to Microsoft, when you are not in a state where you can communicate securely on the network, you can get the time without ignoring security or creating a hole due to some kind of exception. Because it is not possible, Secure Time Seeding sets the time based on the data in the SSL handshake.

This problem was also encountered by another engineer, Ken, and in Ken's case, about 20 servers out of a total of 5,000 had problems, and some of the time was shifted to '2159'. It seems that there was also a thing.

Mr. Ziemen and Mr. Ken have reported the problem to Microsoft, but it seems that no effective countermeasures have been found.

After Ars Technica published an article, Microsoft said, ``Secure Time Seeding is enabled in the default configuration of all Windows and works as intended.'' ``There are cases where it does not work as intended. complicating factors are likely to exist,' the statement said. 'The only recommended action is to disable the feature in the deployment.'