Microsoft has recently acknowledged ongoing issues that affect both administrators and users following the installation of the latest Windows security updates. Both server and desktop operating systems are impacted by these problems.
According to the Windows Release Health Center for Windows Server 2025, domain controllers (DC) hosting services like Active Directory may face issues that strip them of their ability to manage network traffic effectively after a reboot. Consequently, Windows Server 2025 DCs may become either inaccessible within the domain network or accessible through network ports that should be blocked by the domain firewall profile.
Windows Server 2025 DC: Firewall Profile Issues
The underlying issue stems from a failure to employ the domain firewall profile on the domain controllers after a restart, defaulting instead to the standard firewall profile. This oversight can render applications and services running on the DC—and potentially other devices on the network—inaccessible. To temporarily rectify this, Microsoft advises restarting the network adapter, which can restore the expected behavior. Administrators can execute the Restart-NetAdapter * command in PowerShell to facilitate this. Microsoft suggests creating a scheduled task to automate this adapter restart after each DC reboot. A permanent solution is currently in development.
In addition to server challenges, users of Windows 11 have reported other negative changes stemming from the latest updates. For instance, after installation, the folder %systemdrive%inetpub (typically c:inetpub) is created. Microsoft has indicated that this is a protective measure and that the folder should not be deleted, whether Internet Information Services (IIS) is enabled or not. This update addresses a privilege escalation vulnerability (CVE-2025-21204) deemed to have a high risk factor.
Another newly identified issue impacting Windows 11, particularly version 24H2, involves the occurrence of a blue screen of death (BSoD) upon restarting the device, identified by the error code 0x18B, which indicates a secure kernel error. In response, Microsoft has activated the Known Issue Rollback (KIR) mechanism, effective within 24 hours on consumer and unmanaged devices, to remove the problematic update components.
This series of troubles with Windows updates demonstrates a growing trend of complications for Microsoft. Just recently, the company released an out-of-band update to correct display issues related to group policy statuses.