Microsoft has marked as resolved a long-running bug that caused Windows Server 2019 and 2022 systems to upgrade automatically to Windows Server 2025 without administrator approval, more than 18 months after the problem was first reported.
The issue surfaced in September 2024, when administrators discovered that servers had been upgraded overnight to an operating system version for which their organisations did not hold licences.
Microsoft initially blamed third-party update management tools, saying they had misinterpreted the feature update's metadata, which was classified as optional rather than recommended.
That explanation was disputed by software vendors, who said the problem was caused by a procedural error on Microsoft's part, and by administrators who reported servers receiving the unwanted upgrade despite not running any third-party update services.
The company said this week that cumulative update KB5082063 resolves the issue and that it has re-enabled the upgrade offer via the Windows Update settings panel for organisations that wish to perform in-place upgrades voluntarily.
However, the fix introduces a fresh problem for some enterprise environments.
Microsoft warned that non-Global Catalog domain controllers running Privileged Access Management (PAM) may experience crashes in LSASS, the Local Security Authority Subsystem Service, during startup after installing the patch.
Affected domain controllers could enter repeated restart loops, preventing authentication and directory services from functioning and potentially rendering an entire domain unavailable.
The company said it would deliver a further fix in the coming days and advised organisations to monitor its update guidance as the corrective patch rolls out.
The episode has drawn sharp criticism from enterprise administrators, many of whom spent months implementing workarounds to block the unwanted upgrades, with some disabling Windows Update entirely on affected servers and exposing their systems to unpatched security vulnerabilities.
Microsoft also disclosed separately this week that KB5082063 is failing to install on some Windows Server 2025 systems, with users reporting error code 0x800F0983, and that certain devices may boot into BitLocker recovery mode after applying the update.
The recap
- Microsoft resolves unexpected Windows Server 2025 upgrade incident.
- Fix deployed as cumulative update KB5082063 introduced new issue.
- Company says a patch for LSASS crashes arrives in coming days.