Back

Microsoft Confirms Reboot Loops in Windows Servers After April 2026 Updates

Severity: Medium (Score: 57.8)

Sources: learn.microsoft.com, Bleepingcomputer, Neowin, Gbhackers

Summary

Microsoft has acknowledged that certain Windows domain controllers are experiencing continuous reboot loops following the installation of the April 2026 security updates (KB5082063 and KB5082142). This issue primarily affects non-Global Catalog domain controllers in environments utilizing Privileged Access Management (PAM), leading to Local Security Authority Subsystem Service (LSASS) crashes during startup. The repeated restarts hinder authentication and directory services, potentially making the domain unavailable. Additionally, some enterprise-managed systems are facing BitLocker recovery prompts post-update. Microsoft is currently investigating the issue and has advised IT administrators to contact Microsoft Support for mitigation strategies. The problem is specific to Windows Server versions 2016, 2019, 2022, and 2025, and is unlikely to impact personal devices. This is not the first time Microsoft has dealt with domain controller issues linked to security updates, with similar problems reported in previous years. Key Points: • Windows domain controllers are entering reboot loops after April 2026 updates. • The issue affects non-Global Catalog domain controllers using Privileged Access Management (PAM). • Microsoft is working on a fix and recommends contacting support for mitigation.

Key Entities

  • Zero-day Exploit (attack_type)
  • Microsoft (company)
  • BitLocker (platform)
  • Windows (platform)
  • Windows Server 2016 (platform)
  • Windows Server 2019 (platform)
  • Windows Server 2022 (platform)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed