Back

Microsoft Confirms Windows Server Reboot Loop Issue After April 2026 Updates

Severity: High (Score: 69.0)

Sources: Gbhackers, Bleepingcomputer, learn.microsoft.com

Summary

Microsoft has acknowledged a critical issue affecting Windows Server 2025 domain controllers following the installation of the April 2026 cumulative update KB5082063. The update, released on April 14, 2026, causes affected domain controllers to enter continuous reboot loops due to crashes in the Local Security Authority Subsystem Service (LSASS). This issue primarily impacts organizations utilizing Privileged Access Management (PAM) and may prevent authentication and directory services from functioning properly. Additionally, a related problem is causing BitLocker recovery prompts on enterprise-managed systems post-update. Microsoft is currently working on a fix and has advised IT administrators to seek mitigation measures from Microsoft Support for Business. This incident follows a series of similar issues with Windows Server updates in previous years, highlighting ongoing challenges with security patches. The affected systems include Windows Server 2025, 2022, 23H2, 2019, and 2016. Key Points: • Windows Server 2025 domain controllers are experiencing reboot loops after April 2026 updates. • The issue is linked to LSASS crashes and affects organizations using Privileged Access Management. • Microsoft is investigating the problem and recommends contacting support for mitigation strategies.

Key Entities

  • Zero-day Exploit (attack_type)
  • Microsoft (company)
  • BitLocker (platform)
  • Windows (platform)
  • Windows Server 2016 (platform)
  • Windows Server 2019 (platform)
  • Windows Server 2022 (platform)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed