Microsoft has issued a cautionary note to its customers regarding potential system failures linked to a blue screen error, specifically a secure kernel fatal error, following the installation of Windows updates released since March. This advisory pertains to the KB5055523 April cumulative update and the KB5053656 March preview update, both of which are known to impact devices operating on Windows 11, version 24H2.
Details of the Issue
Users encountering this problem will experience their PCs crashing after the updates are installed and the devices are restarted. Microsoft has indicated that the error manifests as a blue screen exception with the code 0x18B, which denotes a SECUREKERNELERROR. The company is actively working on a solution to mitigate these disruptions.
In the interim, Microsoft has implemented a Known Issue Rollback (KIR) to address the situation. This feature is designed to reverse problematic non-security updates that have been disseminated through Windows Update. The rollback will automatically reach all home and non-managed enterprise devices, as well as business devices that are not overseen by IT departments, within the next 24 hours. To facilitate a quicker application of the fix, Microsoft recommends that affected users restart their devices.
Enterprise Solutions
For organizations utilizing enterprise-managed devices, administrators are required to install the Windows 11 24H2 and Windows Server 2025 KB5053656 250412_03103 Known Issue Rollback Group Policy. This policy can be located under Computer Configuration > Administrative Templates. To effectively deploy it across impacted endpoints, administrators must navigate to either the Local Computer Policy or the Domain policy on the domain controller using the Group Policy Editor to select the appropriate Windows version.
Microsoft has emphasized the necessity of installing and configuring the Group Policy specific to the Windows version in use to resolve this issue. A restart of the affected device(s) will be required to ensure the group policy setting is applied correctly.
Further assistance for Windows administrators regarding the deployment of KIR Group Policies is available on the Microsoft support website.
In related news, Microsoft recently rolled out emergency updates to address complications surrounding local audit logon policies in Active Directory Group Policy. The company has also alerted administrators that Windows Server 2025 domain controllers may become inaccessible post-restart, leading to potential failures in services and applications. Additionally, Microsoft has begun deploying a fix for an issue where certain Windows devices were incorrectly offered Windows 11 upgrades, despite existing Intune policies that were intended to block such upgrades.
