P2 · Backup & Recovery

VSS Snapshot Timeout Failures — Veeam/Acronis/Commvault Backups Fail After Spring 2026 Windows Updates (24H2/25H2/Server 2022/2025)

Following the April/May 2026 Windows Update cycles, enterprise backup jobs on Windows 11 (24H2/25H2) and Windows Server 2022/2025 fail abruptly mid-execution because the updates altered I/O freeze-and-thaw timers, causing third-party backup engines (Veeam, Acronis, Commvault) to exceed hard VSS execution timeouts. VSS writers enter a Failed [7] or Timed out [9] state, and Event IDs 12289 and 8193 appear in the System log coinciding with job failures. The immediate workaround is restarting the Volume Shadow Copy (VSS) and COM+ System Application (COMSysApp) services; longer-term remediation requires vendor-specific patches and/or tuning the VssTimeout registry DWORD value. The regression leaves environments without valid backup coverage, creating significant compliance and audit risk.

Indicators

Scheduled enterprise backup jobs (Veeam, Acronis, Commvault) fail abruptly mid-execution after Spring 2026 Windows updates are applied
Backup software error messages indicate inability to create shadow copies or communicate with the Volume Shadow Copy Service (VSS)
vssadmin list writers output shows VSS writers in State: [7] Failed immediately after a failed backup job
vssadmin list writers output shows VSS writers in State: [9] Timed out immediately after a failed backup job
Event ID 12289 present in Windows Logs > System coinciding with backup failure window
Event ID 8193 present in Windows Logs > System coinciding with backup failure window
Affected hosts confirmed to have received April or May 2026 cumulative update packages via Settings > Windows Update > Update History or Get-HotFix

Likely causes

Regression introduced by the April/May 2026 Windows cumulative updates on Windows 11 24H2/25H2 and Server 2022/2025 that alters I/O freeze-and-thaw timer behaviour, causing VSS snapshot operations to exceed the hard execution timeout before backup engines can complete
Third-party backup engines (Veeam, Acronis, Commvault) have not received patches accommodating the new effective timeout windows imposed by the Spring 2026 regression at the time of initial impact
VssTimeout registry DWORD values on affected hosts are not tuned to compensate for the shorter effective timeout window introduced by the April/May 2026 updates

Diagnostic steps

Immediately after a failed backup job, open an elevated command prompt and run: vssadmin list writers

Identify which VSS writers are in a Failed [7] or Timed out [9] state, confirming VSS is the failure point rather than the backup agent network or repository layer
Query the System event log for VSS error events coinciding with the backup failure window. In an elevated PowerShell session run: Get-WinEvent -LogName System | Where-Object { $_.Id -eq 12289 -or $_.Id -eq 8193 } | Select-Object TimeCreated, Id, Message | Sort-Object TimeCreated -Descending | Select-Object -First 20

Confirm VSS-specific error Event IDs 12289 and 8193 are present and correlate timestamps with the failed backup window, distinguishing timeout-driven failures from other VSS subsystem faults
Verify Spring 2026 Windows updates are installed on the affected host. Run in PowerShell: Get-HotFix | Sort-Object InstalledOn -Descending | Select-Object -First 20 — or check Settings > Windows Update > Update History for April/May 2026 cumulative updates

Confirm the Spring 2026 regression patch is the trigger, ruling out pre-existing VSS configuration drift, storage-layer issues, or unrelated backup agent faults
Review backup software logs for explicit VSS timeout error messages and note the exact timeout threshold reported: Veeam Backup & Replication console (Job > Statistics > View Log), Acronis Management Console (Activities log), or Commvault CommCell Console (Job Controller > View Events)

Determine which backup engine and VSS writer combination is failing, and obtain the exact timeout duration to guide registry tuning and vendor KB cross-referencing
Cross-reference findings against vendor support portals (Veeam KB, Acronis Support, Commvault documentation) and BleepingComputer to identify whether a vendor patch is already available for the affected product version and Spring 2026 VSS timeout regression

Establish whether a permanent vendor-issued fix exists before committing to registry workarounds, avoiding unnecessary configuration debt

Resolution path

Step 1 — Immediate service restart workaround: In an elevated command prompt, restart the Volume Shadow Copy service and COM+ System Application service: net stop VSS && net start VSS then net stop COMSysApp && net start COMSysApp — this clears stuck writer states. Retry the backup job to confirm VSS writers initialise cleanly before proceeding.
Step 2 — Apply vendor-specific patches: Check the Veeam, Acronis, or Commvault support portal for patches released in response to the Spring 2026 VSS timeout regression. Apply the patch per vendor instructions. This is the preferred permanent fix if available for your product version.
Step 3 — Registry timeout adjustment (if vendor patch is unavailable or insufficient): Apply the VssTimeout registry DWORD value tweak at the vendor-specified path under HKLM:\SYSTEM\CurrentControlSet\ (exact subkey per vendor KB). Document the original value before editing. After applying, restart the Volume Shadow Copy service (net stop VSS && net start VSS) and retest the backup job.
Step 4 — Validate backup completion: Run a full manual backup job in the backup console (Veeam, Acronis, or Commvault) and confirm it completes with a success status and no VSS-related warnings or errors. Re-run vssadmin list writers post-backup and confirm all writers show State: [1] Stable with no [7] or [9] entries.
Step 5 — Confirm recoverability: Initiate a test restore of a small dataset from the newly completed backup to verify backup data integrity and confirm disaster recovery capability is restored.

Prevention

Implement a staged Windows Update deployment policy (pilot ring → production ring with a 2–4 week delay) so that regressions in update cycles like April/May 2026 are caught in a non-production environment before impacting live backup infrastructure.
Configure alerting on VSS Event IDs 12289 and 8193 in your SIEM or monitoring platform so that backup failures trigger immediate P1/P2 alerts before compliance windows are breached, rather than being discovered at the next backup review.
Subscribe to backup vendor release notes and patch advisories (Veeam, Acronis, Commvault) so that VSS timeout patches can be applied proactively in parallel with or immediately after OS update rollouts.
Run monthly test restores of a representative dataset on a defined schedule so that silent backup failures are caught well before an actual disaster recovery event exposes the coverage gap.

Tools

vssadmin list writers — enumerate VSS writers and their current state immediately after a failed backup
Event Viewer / Get-WinEvent — query System log for VSS Event IDs 12289 and 8193
net stop / net start — restart Volume Shadow Copy (VSS) and COM+ System Application (COMSysApp) services
Get-HotFix — enumerate installed Windows updates to confirm Spring 2026 patch presence
Veeam Backup & Replication console — review backup job logs and apply vendor patches
Acronis Management Console — review backup job logs and apply vendor patches
Commvault CommCell Console — review backup job logs and apply vendor patches
Registry Editor (regedit) / reg add — apply VssTimeout DWORD value adjustments per vendor KB

References

VSSVolume Shadow Copy Servicebackup failuresnapshot timeoutWindows Server 2022Windows Server 2025Windows 11 24H2Windows 11 25H2VeeamAcronisCommvaultSpring 2026 regressionApril 2026 updateMay 2026 updatedisaster recoverycomplianceEvent ID 12289Event ID 8193VssTimeoutregistryenterprise backupP2