π―Microsoft's recent update for Windows Server caused some servers to keep restarting, making it hard for users to log in. They quickly released a fix to stop the restarts, but some users are still facing issues with security keys. It's a reminder that testing updates before using them is really important.
What Happened
Microsoft has confirmed that some Windows domain controllers are entering restart loops due to Local Security Authority Subsystem Service (LSASS) crashes after installing the April 2026 security updates. This issue primarily affects domain controllers in environments using Privileged Access Management (PAM), which may experience LSASS crashes during startup. As a result, affected DCs may restart repeatedly, preventing authentication and directory services from functioning, potentially rendering the domain unavailable. Microsoft acknowledged that after installing the April 2026 Windows security update (KB5082063), domain controllers (DCs) in multi-domain environments are particularly vulnerable.
What's at Risk
The impact is significant for organizations relying on Windows Server, particularly those that utilize multiple domains within their forest. A domain outage can lead to inaccessibility of critical resources, including network shares and other services requiring authentication. The issue affects systems running Windows Server 2016 through 2025, and the potential for widespread disruption has raised alarms among IT administrators.
Patch Status
In response to the widespread issues, Microsoft has issued an out-of-band update to address the restart loop problem, which was serious enough to necessitate immediate action. This update not only resolves the restart loop but also addresses failed installations of the April update. Hotpatches are also available for affected users. However, there are still reports of some devices prompting users to enter a BitLocker recovery key after the update, an issue that primarily impacts enterprise devices with specific Group Policy configurations. Microsoft has faced criticism for the frequency of out-of-band updates, leading some to question the quality control of their updates.
Immediate Actions
IT administrators are advised to apply the out-of-band update as soon as possible to mitigate the risks associated with the reboot loops. Microsoft has also encouraged affected organizations to contact Microsoft Support for further guidance on managing the situation. This incident highlights the importance of thorough testing before deploying updates directly to production environments, as the consequences of such issues can be severe. Administrators are reminded that deploying Microsoft updates without adequate testing is a risky practice.
Conclusion
This latest incident is part of a troubling trend for Microsoft, as the company has had to issue multiple out-of-band updates in recent months to address various critical issues. Administrators are left to navigate the complexities of maintaining system stability while relying on timely and effective patches from Microsoft. The ongoing issues have led to a perception that out-of-band updates are becoming the norm rather than the exception, raising concerns about the overall reliability of Microsoft's update processes.
The frequency of out-of-band updates from Microsoft has raised concerns among IT administrators regarding the reliability of their patch management process. It underscores the necessity for rigorous testing before deploying updates in production environments.
