Share via

Update KB5049981 Causes Event ID 7023 Error For Service Control Manager....System Guard Runtime Monitor Broker.exe terminated with Error %%3489660935

Anonymous
2025-01-14T23:56:45+00:00

Hello all. I am on Win10 Home Version 22H2  OS Build 19045.5371 on a HP Omen Desktop and a HP Envy Laptop. I noticed today upon checking my Event Viewer after installing patch Tuesday updates Cumulative Update for Windows 10 Version 22H2 for x64-based Systems KB5049981 and KB5050188 and also KB890830 I started seeing the below Event 7023 Service Control Manager....SgrmBroker.exe (System Guard Runtime Monitor Broker] Terminated with Error %%3489660935 after restarting my computer. I have run SFC and DISM and did not find any integrity violations. I am not seeing any other computer problems except this error. Tried to change the System Guard Runtime Monitor Broker Service but access is denied and remains on Delayed Start. I do not use Windows Defender but I use Norton 360 Select Plus on both computers. Is anyone else seeing this and is there a solution for this error. I have tried everything including the registry “HKEY_Local_MACHINE\SYSTEM\CurrentControlSet\Services” Start setting change from 3 to 4 but that causes a lot of Security SPP errors so I changed the value back and did a system restore that I had made before hand. It would appear the Update problem is with KB5049981. Microsoft this needs to be fixed as I feel the integrity of the Windows platform is at risk with this service not starting like it is suppose to do.

Respectfully,

Don

Log Name:      System

Source:        Service Control Manager

Date:          1/14/2025 3:48:16 PM

Event ID:      7023

Task Category: None

Level:         Error

Keywords:      Classic

User:          N/A

Computer:      DESKTOP-

Description:

The System Guard Runtime Monitor Broker service terminated with the following error:

%%3489660935

Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">

  <System>

    <Provider Name="Service Control Manager" Guid="{555908d1-a6d7-4695-8e1e-26931d2012f4}" EventSourceName="Service Control Manager" />

    <EventID Qualifiers="49152">7023</EventID>

    <Version>0</Version>

    <Level>2</Level>

    <Task>0</Task>

    <Opcode>0</Opcode>

    <Keywords>0x8080000000000000</Keywords>

    <TimeCreated SystemTime="2025-01-14T20:48:16.2255419Z" />

    <EventRecordID>243885</EventRecordID>

    <Correlation />

    <Execution ProcessID="468" ThreadID="7164" />

    <Channel>System</Channel>

    <Computer>DESKTOP-             </Computer>

    <Security />

  </System>

  <EventData>

    <Data Name="param1">System Guard Runtime Monitor Broker</Data>

    <Data Name="param2">%%3489660935</Data>

    <Binary>5300670072006D00420072006F006B00650072000000</Binary>

  </EventData>

</Event>

Windows for home | Windows 10 | Performance and system failures

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.

0 comments
Answer accepted by question author
  1. lmacri 2,500 Reputation points
    2025-02-05T12:08:24+00:00

    ... It's definitely unsettling, as the System Guard Runtime Monitor is an important security feature, particularly if the hardware doesn't support Secure Launch. It has to be a bug. I hope that Microsoft will prioritize fixing this.

    Hi Jay G4:

    User 0xb1a’s 20-Jan-2025 post <here> in this topic includes the contents of Microsoft bulletin WI982633 stating that Microsoft is aware of this bug and has marked the status as "Mitigated". From that bulletin:

    "This service was originally created for Microsoft Defender, but it has not been a part of its operation for a very long time*. Although Windows updates released January 14, 2025 conflict with the initialization of this service, no impact to performance or functionality should be observed.*

    There is no change to the security level of a device resulting from this issue. This service has already been disabled in other supported versions of Windows, and SgrmBroker.exe presently serves no purpose*.*

    Note: There is no need to manually start this service or configure it in any way (doing so might trigger errors unnecessarily). Future Windows updates will adjust the components used by this service and SgrmBroker.exe. For this reason, please do not attempt to manually uninstall or remove this service or its components."

    The "Known Issues" section of the release notes for KB5049981 (OS Build 19045.5371, released 14-Jan-2025 ) at https://support.microsoft.com/help/5049981 states that "We are working on a resolution and will provide an update in an upcoming release" so I'm hoping the February 2025 Patch Tuesday updates scheduled for 11-Feb-2025 will include a bug fix that stops these System Guard Runtime Monitor Broker service (SgrmBroker.exe) Event ID 7023 errors.

    Dell Inspiron 15 5584 * 64-bit Win 10 Pro v22H2 build 19045.5371 * Firefox v135.0.0 * Microsoft Defender v4.18.24090.11-1.1.24090.11 * Malwarebytes Premium v5.2.5.158-1.0.5135 * Macrium Reflect Free v8.0.7783

    11 people found this answer helpful.
    0 comments

82 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2025-01-15T08:59:04+00:00

    I have the same problem, it feels like it's being done on purpose.

    37 people found this answer helpful.
    0 comments
  2. Anonymous
    2025-01-15T09:40:12+00:00

    Hello,

    Thanks for reaching out here in the Microsoft Answers Community.

    Since you have mentioned that you are "not seeing any other computer problems except this error", you can ignore the error.

    Usually, you can ignore the errors and warnings in system event logs. Most system services are designed for a wide range of system configurations and hardware, so such errors are expected.

    Also, based on the registry changes you have mentioned, you have disabled the Time Broker service, which is used for time-sensitive operations like notifications, alarms, and schedulers. Generally you should not disable system services, so please revert the registry edit.

    Thanks for your patience and understanding.

    Best Regards,

    Sheng G. - MSFT | Microsoft Community Support Specialist

    2 people found this answer helpful.
    0 comments
  3. Anonymous
    2025-01-15T10:17:20+00:00

    Hi were are also see this on Server 2022 after Windows Updates January 2025. Service could not start. Windows could not start the System Guard Runtime Montior Broker service on local Computer. Error 0x80070005: Access is denied.

    26 people found this answer helpful.
    0 comments
  4. Anonymous
    2025-01-15T10:21:34+00:00

    People don't want answers to ignore errors, especially when this has only popped up with the Jan 14/01/2025 updates pushed through. Best thing we can do is keep hitting that "I have the same question" so this gets flagged to Microsoft ASAP. It sounds like a very important service that is not working. That should not be ignored.

    96 people found this answer helpful.
    0 comments