update services Archives

Winsage

June 12, 2026

Microsoft fixes Windows update failures linked to WUSA installer

Microsoft resolved an issue affecting the installation of Windows updates released since May 2025, which primarily impacted users using the Windows Update Standalone Installer (WUSA) from a network share, especially in enterprise environments. The problem was significant for devices running Windows 11 24H2/25H2 and Windows Server 2025, but did not occur when handling a single .msu file or when files were stored locally. In August 2025, Microsoft acknowledged that updates installed using WUSA might fail with error ERRORBADPATHNAME when multiple .msu files were involved. A Known Issue Rollback Group Policy was implemented in September 2025 to mitigate the impact on home and non-managed business devices. The issue was ultimately resolved with cumulative updates released in June 2026 for Windows 11 (KB5079391) and Windows Server 2025 (KB5094125). Microsoft provided a workaround for users experiencing difficulties with prior updates by suggesting they save .msu files locally for installation. Users were also advised to wait at least 15 minutes after installing an .msu file via WUSA before checking the Update History page. Additionally, Microsoft had previously addressed another issue in April 2025 that affected enterprise customers installing security updates via WSUS, which recurred in the August 2025 updates. Microsoft warned customers about potential issues with installing the latest monthly updates on devices upgraded to Windows 11 24H2 or 25H2.

Winsage

May 25, 2026

How I Changed the SID on My Windows Server Without Reinstalling (And Why You Should Care)

Cloning a Windows Server machine can lead to issues with duplicate Security Identifiers (SIDs). A Security Identifier (SID) is a unique string assigned to every machine, user, and group in Windows, functioning like a fingerprint. Duplicate SIDs can cause problems such as domain join failures, incorrect WSUS reporting, inconsistent Group Policy application, and licensing issues. The author initially attempted to use sysprep to change the SID after cloning, which resulted in stripping the domain join and causing SQL Server to fail. The author then discovered Wittytool Disk Clone, which includes a SID changer that successfully generated a new SID and updated all necessary references without disrupting the server's configuration or applications. The process took only six minutes and worked similarly on Windows Server 2019. It is more efficient to generate a new SID during the cloning process rather than afterward. Important precautions include taking a snapshot or backup before making changes and being aware that changing the SID on domain controllers is more complex. Reactivation of Windows may also be required after the SID change.

Winsage

May 19, 2026

Microsoft confirms patching issues in restricted Windows networks

Microsoft has issued a service alert indicating that customers in restricted network environments may encounter Windows Update failures, specifically error code 0x80010002, after installing the January 2026 optional non-security preview updates. Affected devices might download the February monthly Windows security update but could struggle with updates released in March and beyond due to changes in download timeout requirements. Microsoft is working on a resolution, and IT administrators can use Known Issue Rollback (KIR) as a workaround by configuring the appropriate Group Policy for their Windows version. A device restart is required to apply these settings. Historical issues include a bug fixed in April 2025 affecting WSUS installations and another issue resolved in August 2025 related to the Windows 11 24H2 cumulative update. Additionally, a KIR fix was provided for a known issue causing the May 2026 Windows 11 security update to fail with error code 0x800f0922.

Winsage

May 15, 2026

Windows DNS Client Security Flaw Exposes Systems to Remote Code Execution

Windows systems are threatened by a vulnerability in the Windows DNS Client, identified as CVE-2026-41096, which allows remote code execution without user intervention. It has a CVSS base score of 9.8, indicating high severity. The flaw is a heap-based buffer overflow in the dnsapi.dll component, enabling unauthenticated remote attackers to execute arbitrary code. Exploitation requires sending a specially crafted DNS response to a vulnerable system, potentially leading to complete control over the host. Affected systems include supported versions of Windows 11 and Windows Server 2022/2025. Microsoft released security updates on May 12, 2026, and administrators are advised to apply these patches and reboot systems. Despite the severity, Microsoft currently classifies exploitation as “Exploitation Unlikely,” with no known public exploits or in-the-wild attacks.

Winsage

April 18, 2026

Microsoft closes book on rogue Windows Server 2025 upgrades

Microsoft has officially resolved the incident involving the unexpected upgrade to Windows Server 2025, which occurred over a year ago and caused significant disruption for system administrators. The upgrade was automatic, with no rollback option, and was attributed to third-party products managing updates. Additionally, Microsoft's cumulative update KB5082063 has introduced new issues, causing LSASS crashes on non-Global Catalog domain controllers in environments using Privileged Access Management, leading to repeated restarts and potential inaccessibility of domains. Microsoft has acknowledged this problem and promised a resolution soon.

Winsage

April 16, 2026

Microsoft Overhauls Windows Update for First Time in 15 Years Starting April

Microsoft is transforming its Windows Update system, starting in April, marking the most significant overhaul in over 15 years. The new system will centralize the management of operating system patches, drivers, and application updates, aiming to enhance user experience by simplifying the update process and improving reliability. Users will experience fewer interruptions, as updates will be consolidated into a single restart cycle, and updates will be scheduled during idle times to minimize disruptions. The update system will also expand support for driver and hardware updates. This transformation aligns with Microsoft's long-term vision for AI-enhanced PCs and cloud-integrated systems, enabling scalable updates for AI features and improving compliance for enterprise users. The rollout will begin gradually in April to mitigate risks associated with compatibility and execution.

Winsage

April 7, 2026

How to prevent updates on Windows 10 desktops

Organizations may pause or block Windows updates to maintain system stability and compatibility, particularly to avoid disruptions with legacy applications or customized environments, manage bandwidth consumption, and protect fortified Windows configurations. IT departments can disable updates using several methods: 1. Centralized patch management tools like WSUS or Microsoft Intune allow control over update deployment. 2. Configuring Group Policy settings can notify users of available updates without automatic installation. 3. Disabling the Windows Update service halts all future updates until re-enabled. 4. Setting a connection as metered can reduce automatic updates, though some critical updates may still download. In Windows 11, similar strategies apply, but organizations must consider the risks of blocking updates due to the end of regular security updates for Windows 10 and align their strategies with Microsoft's evolving update delivery methods.

Winsage

November 30, 2025

Microsoft warns Windows 11 users: If you can’t find password login option, it’s because… – The Times of India

Windows 11 users are experiencing a glitch where the password sign-in icon is missing from the lock screen after installing the non-security preview update KB5064081. This issue affects users with the August 2025 update or later on Windows 11 24H2 and 25H2 systems. Microsoft confirmed that the password functionality is still available by hovering over the area where the icon should be, allowing users to access the password text box. Microsoft has not provided a permanent fix yet. Additionally, other problems linked to recent updates include DRM-protected videos freezing and unexpected User Account Control prompts for non-admin users. Microsoft also addressed failures in security updates delivered through WSUS, which affected reset and recovery features in Windows 10 and Windows 10 Enterprise.

Winsage

November 29, 2025

Microsoft: Windows updates make password login option invisible

Microsoft has warned Windows 11 users about an issue where the password sign-in option may not appear on the lock screen after updates since August 2025, although the functionality is still available. This issue affects users who installed the KB5064081 non-security preview update or later on Windows 11 24H2 and 25H2 systems. Users can still log in by hovering over the area where the password icon should be, which reveals the button to access the password text box. Microsoft is working on a fix but has not provided a timeline. Additionally, Microsoft addressed other issues related to the KB5064081 update, including playback interruptions in DRM-protected video applications and installation problems for non-admin users. Earlier, Microsoft also released emergency updates to fix issues with security updates failing and problems with Windows reset and recovery features.

Winsage

November 3, 2025

Microsoft: Patch for WSUS flaw disabled Windows Server hotpatching

An out-of-band security update, KB5070881, has disrupted the hotpatching feature for some Windows Server 2025 devices. This update was released alongside reports of the CVE-2025-59287 remote code execution vulnerability. The Cybersecurity and Infrastructure Security Agency (CISA) has instructed U.S. government agencies to strengthen their systems against this vulnerability. Microsoft has acknowledged that the OOB update caused some Hotpatch-enrolled Windows Server 2025 systems to lose their enrollment status and has ceased distributing the update to these devices. Those who installed the update will not receive Hotpatch updates in November and December but will get standard monthly security updates. Administrators can install the KB5070893 security update to address the CVE-2025-59287 flaw without disrupting hotpatching. Microsoft has also disabled the display of synchronization error details in its WSUS error reporting system and resolved various issues affecting Windows 11.