Why Windows Servers Randomly Jump Their Clock – The Hidden STS Bug

Background

Operating‑system time handling has historically caused serious bugs (e.g., Y2K, Linux NTP leap‑second crashes). A recent bug in Windows Server causes the system clock to jump forward by days, weeks, months, or even years.

What happened

Engineers reported that Windows Server 2016 and 2019 machines reset their clocks far into the future (up to 55 days, or to the year 2159) and later reverted. The issue appears most often on database servers, where large time offsets break backups and other time‑sensitive operations.

Root cause: Secure Time Seeding (STS)

STS is a Windows feature introduced in 2016 that attempts to keep accurate time when a device cannot reach a trusted time server. It is enabled by default on client and server installations.

During an SSL handshake STS extracts two pieces of data:

ServerUnixTime – the number of seconds since 1970‑01‑01 UTC reported by the remote server.

Certificate revocation signature – a cryptographic signature from the server’s SSL certificate indicating its revocation status.

STS queries multiple servers, merges the ServerUnixTime values with the OCSP (Online Certificate Status Protocol) validity periods, and computes a confidence score. When the score exceeds a threshold, the data is labeled STSHC (Secure Time Seed of High Confidence) and is used to decide whether the system clock has a “serious error”. If so, STS forces the clock to match the estimated “safe time”.

Why the bug occurs

The heuristic can produce wildly inaccurate estimates. In practice, STS sometimes predicts a future date that is far ahead of the actual time, and then forces the system clock to that erroneous value. This leads to clock jumps of up to several years, disrupting services that rely on correct timestamps.

Mitigation

The only reliable mitigation currently is to disable STS. This is done by setting a registry value:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config\UtilizeSslTimeData = 0 (DWORD)

Setting the value to 0 disables STS; setting it to 1 re‑enables it.

References

https://arstechnica.com/security/2023/08/windows-feature-that-resets-system-clocks-based-on-random-data-is-wreaking-havoc/

https://news.ycombinator.com/item?id=37151220

https://www.reddit.com/r/sysadmin/comments/61o8p0/system_time_jumping_back_on_windows_10_caused_by/