Microsoft Issues Emergency Patch for Windows Reset and Recovery Bug

Threat Score:
70
8 articles
100.0% similarity
1 day ago

Article Timeline

8 articles
Click to navigate
Aug 19
Aug 19
Aug 19
Aug 20
Aug 20
Aug 20
Aug 20
Aug 20
Oldest
Latest

Key Insights

1
Microsoft released emergency out-of-band patches on August 19, 2025, to address critical reset and recovery failures caused by the August 2025 security updates affecting Windows 10 and older versions of Windows 11.
2
The problematic updates include KB5063875, KB5063709, and KB5063877, which caused issues with recovery operations, rendering features like 'Reset this PC' non-functional for many users.
3
Microsoft confirmed the issue on August 18, stating, 'attempts to reset or recover the device might fail,' impacting users trying to reinstall systems while retaining files and settings.
4
The emergency patches, KB5066189 for Windows 11 and KB5066188 for Windows 10, are designed to restore functionality to the affected systems without requiring users to wait for the next scheduled patch release.
5
The reset and recovery failures particularly affected enterprise environments, including IT professionals attempting to remotely reset devices using the RemoteWipe configuration service provider.
6
Microsoft's rapid response to this issue reflects the significant disruption to core Windows functionalities, marking this as an unusual step for the company.

Threat Overview

Microsoft has issued emergency out-of-band security updates to rectify significant issues affecting the reset and recovery operations in Windows operating systems, following the deployment of the August 2025 security updates. Released on August 19, 2025, the patches target devices running Windows 10 and older versions of Windows 11, which experienced system disruptions after the installation of the problematic updates. Microsoft identified the failures, which included the inability to use critical recovery features like 'Reset this PC' and 'Fix problems using Windows Update.' According to Microsoft, 'attempts to reset or recover the device might fail,' impacting users attempting to reinstall their systems while retaining their files and settings. The affected updates include KB5063875 for Windows 11 and KB5063709, KB5063877 for Windows 10.

In total, the issues arose from updates that were released as part of the August 2025 Patch Tuesday cycle, with users reporting significant operational disruptions. The emergency patches, labeled KB5066189 for Windows 11 and KB5066188 for Windows 10, were introduced to address the failures across multiple Windows versions, including Windows 10 22H2 and Windows 11 22H2 and 23H2. Microsoft typically reserves out-of-band updates for critical issues that threaten system stability or security, indicating the severity of this particular problem.

The reset and recovery failures specifically hindered enterprise environments, where IT professionals rely on these features to remotely manage devices. The problems were compounded by the fact that many users were already facing challenges due to the impending end of servicing for Windows 10 22H2, which had been announced shortly before the issues surfaced. The company has urged users who have not yet installed the August updates to instead deploy the emergency patches to avoid the problems.

Experts in the field have highlighted the implications of such widespread failures, noting the potential for significant operational disruptions in both personal and enterprise settings. Microsoft stated that it is working diligently to ensure that such critical errors are mitigated in the future. As of now, users are encouraged to apply the emergency patches promptly to restore their system functionalities and prevent further issues down the line.

Tactics, Techniques & Procedures (TTPs)

T1566.002
Spearphishing Link - Attackers may use misleading emails to prompt users to install faulty updates, leading to reset failures [2][5]
T1190
Exploit Public-Facing Application - The problematic updates were deployed via the standard Windows update mechanism, affecting all supported versions [1][3]
T1059.007
JavaScript/JScript - The failure of recovery tools could potentially allow for exploitation via modified scripts during recovery attempts [1][4]
T1557
Adversary-in-the-Middle - The inability to reset devices could expose users to additional risks if malicious actors exploit the recovery process [2][4]
T1053
Scheduled Task/Job - Users may face difficulties in scheduling tasks if recovery tools fail, leading to operational inefficiencies [3][4]
T1105
Ingress Tool Transfer - Remote management tools like RemoteWipe CSP are hindered, affecting enterprise device management [1][4]
T1003
OS Credential Dumping - Recovery failures could increase the risk of credential harvesting if users resort to unsafe recovery methods [2][3]

Timeline of Events

2025-08-12
Microsoft releases August 2025 security updates, including KB5063709, KB5063875, and KB5063877 [1][3]
2025-08-18
Microsoft acknowledges issues with reset and recovery operations on affected platforms [3][6]
2025-08-19
Microsoft releases emergency out-of-band patches KB5066189 and KB5066188 to address the failures [1][4]
2025-08-20
Users are advised to apply the emergency patches to restore functionality [2][7]

Source Citations

expert_quotes: {'Microsoft': 'Article 1', 'IT administrators': 'Article 4', 'Cybersecurity analysts': 'Article 2'}
primary_findings: {'Exploitation evidence': 'Articles 3, 4, 6', 'CVE details and patches': 'Articles 1, 2', 'Vulnerable instance count': 'Article 5'}
technical_details: {'Attack methods': 'Articles 1, 2, 5', 'Persistence techniques': 'Articles 3, 4'}
Powered by ThreatCluster AI
Generated 8 hours ago
Recent Analysis
AI analysis may contain inaccuracies

Related Articles

8 articles
1

Microsoft Issues Emergency Patch for Windows Reset and Recovery Bug

GB Hackers 10 hours ago

Microsoft Issues Emergency Patch for Windows Reset and Recovery Bug Microsoft has released an emergency out-of-band security update to address a critical issue affecting Windows reset and recovery operations across multiple versions of the operating system. The patch,releasedon August 19, 2025, resolves problems that emerged after users installed the August 2025 Windows security update, causing some reset and recovery attempts to fail on client versions of Windows. Critical Issue Identification

Score
71
100.0% similarity
Read more
2
Out-of-band update arrives to clean up Windows reset and recovery mess

Out-of-band update arrives to clean up Windows reset and recovery mess

Theregister 11 hours ago

OSes Out-of-band update arrives to clean up Windows reset and recovery mess Redmond scrambles to undo damage after tools borked by August patch Microsoft has moved swiftly to remove the bullet it fired into its own foot with the August 2025 Security Update reset and recovery bug. The company has released out-of-band patches forWindows 10andWindows 11to deal with the problem in which attempts to reset and recover a device fail following the installation of the August update. The patch is optional

Score
62
100.0% similarity
Read more
3

Microsoft fixes the fixes that broke Windows tools

CSO Online 9 hours ago

Microsoft has issued fixes for a pair of troublesome bugs introduced with its August 2025 Patch Tuesday cumulative security updates. The updates — KB5063875 , KB5063709 , and KB5063877 — not only triggered installation errors that blocked some Windows 11 devices from upgrading, but also broke reset and recovery tools across both Windows 11 and Windows 10. The problems affected Windows 11 (22H2 and 23H2) and, in the case of reset and recovery failures, Windows 10 version 22H2 as well. Together, t

Score
62
100.0% similarity
Read more
4

Microsoft Releases Emergency Updates to Fix Windows Reset and Recovery Error

Cybersecurity News 12 hours ago

Microsoft has issued critical out-of-band updates on August 19, 2025, to address a significant issue affecting Windows reset and recovery operations following the deployment of the August 2025 security updates. The emergency patches resolve failures that prevented users from successfully resetting their PCs or performing recovery operations across multiple Windows versions. The issue surfaced after […]

Score
59
100.0% similarity
Read more
5
Microsoft releases emergency updates to fix Windows recovery

Microsoft releases emergency updates to fix Windows recovery

BleepingComputer 14 hours ago

Microsoft releases emergency updates to fix Windows recovery Sergiu Gatlan August 20, 2025 02:46 AM 0 Microsoft has released emergency Windows out-of-band updates to resolve a known issue breaking reset and recovery operations after installing the August 2025 Windows security updates. As the company confirmed when it acknowledged the bug on Monday, these problems impact systems running both Windows 10 and older versions of Windows 11. The list of buggy updates causing these recovery problems inc

Score
59
100.0% similarity
Read more
6
Microsoft: August security updates break Windows recovery, reset

Microsoft: August security updates break Windows recovery, reset

BleepingComputer 1 day ago

Microsoft: August security updates break Windows recovery, reset Sergiu Gatlan August 19, 2025 09:39 AM 1 Microsoft has confirmed that the August 2025 Windows security updates are breaking reset and recovery operations on systems running Windows 10 and older versions of Windows 11. "After installing the August 2025 Windows security update [..] on any of the client versions mentioned below in the 'Affected platforms' section, attempts to reset or recover the device might fail," the company said i

Score
52
96.0% similarity
Read more
7
August update leaves Windows reset and recovery dead in the water

August update leaves Windows reset and recovery dead in the water

Theregister 1 day ago

OSes August update leaves Windows reset and recovery dead in the water Want to pass on that old PC? Perhaps wait until out-of-band patch arrives Microsoft has broken the Windows reset and recovery functionality so badly, it must push an out-of-band update. While Windows 11 24H2 and Windows Server are not affected, theissue, which turned up in the August 2025 security update, has hit many other versions, including the outgoing Windows 10. Thanks to Microsoft's legendary approach to quality contro

Score
47
100.0% similarity
Read more
8

Microsoft Confirms August Update Broken Reset and Recovery Options in Windows 11, 22H2, 23H2, and Others

Cybersecurity News 1 day ago

Microsoft has officially confirmed that its August 2025 security update, known as KB5063709, is causing failures in key reset and recovery features across multiple versions of Windows. This issue, which emerged shortly after the update’s release on August 12, 2025, affects a wide range of client operating systems and could leave users unable to perform […]

Score
41
96.0% similarity
Read more