Microsoft has acknowledged a series of issues arising from the latest Windows security updates that affect both server and desktop operating systems. The problems can disrupt operations for domains that use Windows Server 2025, particularly in environments utilizing Active Directory.
Issues with Windows Server 2025
According to information from the Windows Release Health Center for Windows Server 2025, domain controllers may fail to properly manage network traffic post-reboot. This issue can make them inaccessible in the domain network, or they may become accessible through network protocols that should normally be blocked by the domain firewall.
The underlying problem is a malfunction of the domain firewall profile when domain controllers are restarted. Without correction, the standard firewall profile takes over, potentially rendering applications and services either non-functional or unreachable. As a temporary workaround, administrators can reset the network adapter using the command Restart-NetAdapter * in Powershell, which will restore the correct firewall settings. Microsoft recommends setting up a scheduled task to automate this reset post-reboot while they work on a more permanent solution.
Windows 11 Complications
Windows 11 users are also facing issues, particularly after installations of the security updates. Microsoft noted that a folder named %systemdrive%inetpub, which is typically c:inetpub, is generated during installation. This is a necessary security measure related to addressing a privilege escalation vulnerability monitored under CVE-2025-21204.
Another complication for Windows 11 24H2 users may lead to a blue screen of death (BSoD) on restart, with error code 0x18B, indicating a SECURE_KERNEL_ERROR. To mitigate this, Microsoft has executed the Known Issue Rollback (KIR) mechanism, which will automatically be effective within 24 hours on non-managed devices, addressing these problematic update components.
The problems with the recent Windows updates have been mounting, leading Microsoft to recently release an out-of-band update to fix display issues related to group policies.
For further updates and official guidance, refer to the Microsoft support page.