Microsoft April update causes Windows Server reboot issues

Microsoft’s latest April security update, KB5082063, has caused significant disruptions for some enterprise users, leading to continuous reboot cycles for affected Windows Server domain controllers. The issue has been linked to crashes in the Local Security Authority Subsystem Service (LSASS), a critical system component, and is impacting specific server environments that utilize Privileged Access Management (PAM) for Active Directory.

Affected Systems and Scope

According to Microsoft, the problem primarily affects non-Global Catalog domain controllers running Windows Server 2016, 2019, 2022, 23H2, and 2025. The LSASS crashes occur during the startup sequence, preventing these systems from recovering into a stable state and trapping them in a repetitive reboot loop. While this issue impacts enterprise-managed environments using PAM, Microsoft assures that personal devices outside IT-managed domains are not at risk.

The company has acknowledged the issue on its release health dashboard, explaining that the crashes render Active Directory authentication and directory services unavailable on affected servers. Administrators who have already deployed the update are advised to contact Microsoft Support for Business to access mitigation steps.

Ongoing Challenges with KB5082063

The KB5082063 update has already been associated with three acknowledged bugs within a short timeframe. In addition to the LSASS crash, some Windows Server 2025 systems are being prompted for a BitLocker recovery key after the update is installed. Furthermore, Microsoft has received reports of installation failures for KB5082063 on certain Windows Server 2025 machines and is actively investigating these issues.

This marks the third consecutive year that April updates have disrupted enterprise Windows Server environments. In previous years, updates have caused domain controller crashes, disrupted NTLM authentication, and led to unplanned server restarts. These recurring challenges have resulted in emergency fixes and follow-up updates to address post-deployment failures.

Limited Options for Administrators

With the update still available on the release channel and no timeline for a fix, system administrators are left with limited options. Microsoft has outlined three potential courses of action: delaying the deployment of the April update, testing the patch on isolated domain controllers before a wider rollout, or escalating cases through Microsoft Support for mitigation guidance.
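To decide which servers to hold back or test first, an inventory of domain controllers that match the affected profile helps. The script below is an added example, not Microsoft's mitigation guidance or anything published with the advisory; it assumes the ActiveDirectory RSAT module, remote hotfix query rights, and that PAM is exposed as the optional feature named "Privileged Access Management Feature".

```powershell
# Added example: list DCs matching the affected profile in the article
# (non-Global Catalog DC, PAM enabled in the forest) and their KB5082063 state.
Import-Module ActiveDirectory

$kb = 'KB5082063'   # update ID taken from the article

# PAM is a forest-wide optional feature; empty EnabledScopes means it is off.
$pam = Get-ADOptionalFeature -Identity 'Privileged Access Management Feature'
$pamEnabled = @($pam.EnabledScopes).Count -gt 0

# Walk every domain in the forest, not only the current one.
$dcs = foreach ($domain in (Get-ADForest).Domains) {
    Get-ADDomainController -Filter * -Server $domain
}

$report = foreach ($dc in $dcs) {
    # Get-HotFix throws when the host cannot be reached, which is also how a
    # DC stuck in a reboot loop looks from the outside, so report it separately.
    try {
        $hit = Get-HotFix -ComputerName $dc.HostName -ErrorAction Stop |
            Where-Object HotFixID -eq $kb
        $state = if ($hit) { 'Installed' } else { 'NotInstalled' }
    } catch {
        $state = 'Unreachable'
    }

    [pscustomobject]@{
        HostName        = $dc.HostName
        Site            = $dc.Site
        OperatingSystem = $dc.OperatingSystem
        IsGlobalCatalog = $dc.IsGlobalCatalog
        PamEnabled      = $pamEnabled
        UpdateState     = $state
        InAffectedScope = $pamEnabled -and -not $dc.IsGlobalCatalog
    }
}

# In-scope DCs first; 'NotInstalled' rows there are the ones to defer or test.
$report | Sort-Object InAffectedScope, HostName -Descending |
    Format-Table -AutoSize
```

Rows with `InAffectedScope` true and `UpdateState` of `NotInstalled` are candidates for deferral or isolated testing; rows that are in scope and `Unreachable` warrant a console check.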

For now, affected organizations must weigh these options carefully while awaiting a more permanent resolution from Microsoft. As the company continues its investigation, enterprise IT teams must remain vigilant to minimize disruptions caused by the problematic update.

"Microsoft’s April security updates have disrupted Windows Server domain controllers for three consecutive years," the article noted, highlighting the persistent challenges in maintaining stability during patch deployments.
