In recent days, a troubling bug concerning the Windows Recovery Environment (WinRE) has surfaced, rendering USB devices ineffective. Microsoft has already addressed a related issue with a patch targeting this specific problem.
Furthermore, the company has introduced a fix for a broader issue affecting smart card authentication present in various Windows editions following the installation of the October 2025 Patch Tuesday update. Users have reported challenges with smart cards, particularly with them not being recognized as valid Cryptographic Service Providers (CSPs) in 32-bit applications. This malfunction has hindered document signing and disrupted functionalities reliant on certificates.
This smart card authentication issue has been logged under Event ID 624, with system error messages such as "invalid provider type specified" and "CryptAcquireCertificatePrivateKey error." Microsoft identified that the root cause was linked to a recent change mandating the use of the Key Storage Provider (KSP) in place of CSP for RSA-based smart card certificates to bolster security.
The remedial measure by Microsoft involves making adjustments via the Windows Registry, which is not automatically included in Windows Update processes. Users wishing to implement this fix must proceed cautiously, as incorrect modifications could jeopardize system functionality. Here are the steps:
- Open Registry Editor: Press Win + R, type regedit, and press Enter. Confirm any User Account Control prompts.
- Navigate to the subkey: Locate HKEY_LOCAL_MACHINESOFTWAREMicrosoftCryptographyCalais.
- Edit the key and input the value: Within Calais, check for the key DisableCapiOverrideForRSA. If it exists, double-click it and enter 0 as the value data.
- Close and restart: Exit Registry Editor and restart your computer for the changes to take effect.
This bug has affected users on various versions of Windows 11 and Windows 10, along with several editions of Windows Server, creating challenges for those reliant on smart card functionalities.