Security update Archives

Winsage

April 18, 2026

Windows Server 2025 Update KB5082063: Error 0x80073712 due to Media Player; and Error 0x800F0983

Cumulative update KB508206, released on April 14, 2024, for Windows Server 2025, is causing installation failures for some administrators. Error code 0x800F0983 has been acknowledged by Microsoft as an issue related to the update process, while error code 0x80073712 has been linked to the legacy Windows Media Player application. Reports indicate that the installation of KB5082063 is problematic, particularly on systems configured in German, with users experiencing persistent failures despite attempts to use repair commands. The installation issues may be related to missing files associated with the Media Player language packs, affecting various language configurations.

Winsage

April 17, 2026

Microsoft’s April patch puts Windows domain controllers into reboot loops — third known issue from KB5082063 is affecting Windows Server 2016 through 2025

Microsoft has acknowledged that the April 2026 security update for Windows Server, patch KB5082063, has caused significant disruptions for some enterprise domain controllers, leading to continuous reboot cycles in non-Global Catalog domain controllers used in Privileged Access Management (PAM) deployments. This has resulted in the unavailability of Active Directory authentication and directory services on affected servers. Additionally, the installation of KB5082063 may fail on some Windows Server 2025 systems. This issue marks the third consecutive year that April security updates have caused problems for Windows Server domain controllers. In previous years, Microsoft issued emergency fixes for similar issues, including crashes and complications with NTLM authentication. Administrators currently have limited options, including delaying the update, isolating a test domain controller, or engaging with Microsoft Support for tailored mitigation steps.

Winsage

April 16, 2026

Microsoft April Update Forces BitLocker Recovery on Servers

A recent Microsoft security update, April 2026 KB5082063, has caused issues for administrators of Windows Server 2025 and Windows 11 systems, with many devices entering BitLocker recovery mode after reboot, requiring a 48-digit recovery key. This issue primarily affects enterprise-managed systems with specific TPM Group Policy settings involving PCR7 validation. Similar problems have been reported with updates KB5083769 and KB5082052 on Windows 11. The issue arises from five conditions: BitLocker must be enabled on the OS drive, the Group Policy must include PCR7, the msinfo32.exe tool must show Secure Boot State PCR7 Binding as “Not Possible,” the Windows UEFI CA 2023 certificate must be in the Secure Boot Signature Database, and the device must not be using the 2023-signed Windows Boot Manager. Microsoft suggests two workarounds: removing the TPM validation Group Policy before the update and re-enabling BitLocker, or applying a Known Issue Rollback (KIR) before installation. Skipping the April updates is not advisable due to the addressing of 167 vulnerabilities, including two zero-days. BitLocker recovery issues following updates have been recurring since 2022, with similar incidents reported in August 2022, August 2024, and May 2025, indicating ongoing challenges with Secure Boot certificates and TPM validation bindings in enterprise environments.

Winsage

April 16, 2026

Microsoft: April Windows Server 2025 update may fail to install

Microsoft is investigating an issue with the installation of the KB5082063 security update on Windows Server 2025 systems, where users are encountering the 0x800F0983 error code during the deployment of April 2026 cumulative updates. A service alert indicated that a limited number of servers may experience installation failures with this error. Additionally, some Windows Server 2025 devices may unexpectedly boot into BitLocker recovery mode after the update, requiring a BitLocker key, although this is unlikely to affect home users. Microsoft has also resolved a long-standing bug that caused Windows Server 2019 and 2022 systems to upgrade to Windows Server 2025 unexpectedly. Furthermore, Microsoft has released several emergency updates this year to address various security vulnerabilities, including issues with the Routing and Remote Access Service, Bluetooth device visibility, Microsoft account sign-ins, and installation challenges related to the March 2026 non-security preview update.

Winsage

April 16, 2026

Microsoft: April updates trigger BitLocker key prompts on some servers

Microsoft announced that certain Windows Server 2025 devices may experience a BitLocker recovery prompt after installing the April 2026 KB5082063 Windows security update. The recovery mode will be triggered under specific conditions: BitLocker must be enabled on the operating system drive, the Group Policy for TPM validation must be configured with PCR7, the Secure Boot State PCR7 Binding must indicate "Not Possible," the Windows UEFI CA 2023 certificate must be in the Secure Boot Signature Database, and the device must not be using the 2023-signed Windows Boot Manager. Microsoft stated that this issue is unlikely to affect personal devices, as the configurations are mainly found in enterprise-managed systems. They are working on a resolution and recommend administrators remove the Group Policy configuration before deploying the update. If removal is not possible, applying a Known Issue Rollback (KIR) is advised to prevent triggering the recovery prompt. Microsoft has previously addressed similar BitLocker recovery prompt issues in May 2025, August 2024, and August 2022.

Winsage

April 16, 2026

Microsoft’s latest Windows update now confirms if your PC is Secure Boot-protected

Microsoft has introduced a new feature in Windows 11 and Windows 10 that informs users about the status of Secure Boot as part of the April Patch Tuesday update. This feature includes a visual indicator that shows whether devices have the latest Secure Boot certificates, which protect against bootkit malware. The Secure Boot icon can display in green, yellow, or red, indicating different security statuses: green means secure with no actions needed, yellow indicates a pending safety recommendation, and red signals that immediate attention is required. Users can check their Secure Boot status through Settings in both operating systems. It is important to install the latest Windows updates to ensure devices have the most recent Secure Boot certificates, as older certificates will expire in June. The April updates also address 164 vulnerabilities, including eight classified as critical and two identified as zero-day flaws. Users are advised to prioritize these updates to maintain system security.

Winsage

April 15, 2026

Microsoft releases Windows 10 KB5082200 extended security update

Microsoft has released the Windows 10 KB5082200 extended security update, addressing vulnerabilities from the April 2026 Patch Tuesday, including two critical zero-day flaws. The update enhances security with new protections against phishing attacks using Remote Desktop Protocol (.rdp) files and provides updated indicators in Windows Security for new Secure Boot certificates. Users can install the update by checking for updates in the Windows Update settings. After installation, Windows 10 will upgrade to build 19045.7184, and Windows 10 Enterprise LTSC 2021 will transition to build 19044.7184. The update resolves a total of 167 vulnerabilities, including two significant zero-day issues, and includes fixes for signing into Microsoft apps, enhanced Remote Desktop security, dynamic Secure Boot status reporting, and issues affecting Intel-based devices with Connected Standby. Microsoft is also rolling out new Secure Boot certificates to replace older ones expiring in June 2026, with no known issues reported for this update.

Winsage

April 14, 2026

Windows 11 KB5083769 out with improved /scannow, direct download links for offline installers (.msu)

Windows 11 has started rolling out update KB5083769, which introduces the ability to disable Smart App Control and provides offline installers for direct download. The update will automatically download and install unless users have paused updates for up to five weeks. Upon installation, Windows 11 25H2 will advance to Build 26200.8246, while version 24H2 will progress to Build 26100.8246. Users can check their update status in Settings > System > About. The update includes several .NET Framework security updates (KB5082417, KB5086097, KB5086096). The size of the April 2026 Update is approximately 5.1GB for x64 systems and under 4.5GB for arm64. New features include the ability to toggle Smart App Control, enhanced integration of Microsoft 365 in Windows Settings, modernized dialogs in Settings, and improvements to the sfc /scannow feature for accurate status reports.

Winsage

April 11, 2026

“We have discontinued SaRA”: Microsoft replaces its Windows 11 Recovery Assistant — here’s how to transition to Microsoft’s modern command-line replacement.

Microsoft has phased out the Support and Recovery Assistant (SaRA) utility with the March 2026 Security Update for Windows 11, replacing it with the new "Get Help" command-line tool. The SaRA was designed to troubleshoot and resolve common issues affecting Windows 11 and Microsoft 365 applications. Users are now encouraged to use the Get Help command-line tool, which offers enhanced functionality and security. To use the Get Help tool, users must download the files, extract them, and run specific commands in the Command Prompt. The tool addresses various issues, including Microsoft 365 activation challenges and Outlook profile errors.

AppWizard

April 9, 2026

Project Zomboid bans rogue mods deploying “malicious code” to players’ PCs

The Indie Stone has removed a series of malicious mods associated with the 'True Moozic' soundtrack expander for Project Zomboid, which were found to generate harmful files outside the game’s directory. These mods were not linked to their original creator and have been taken down from the Steam Workshop. The developer banned the individual responsible for these uploads and advised players who downloaded the affected mods to take security precautions. A total of 14 mods from the same user were identified, with installations estimated between 500 and 2,200. The Indie Stone clarified that the exploit was limited to Build 42 branches and emphasized that the malicious uploads were unauthorized and not part of the True Moozic mod. Additionally, they released a security update for Build 41 to address a separate vulnerability, which has not been found to be exploited. The 'outdated unstable' branch has also been updated to ensure it remains one content update behind the 'unstable' branch.