Sysadmin shock as Windows Server 2025 installs itself after update labelling error

Sysadmin shock as Windows Server 2025 installs itself after update labelling error

A mislabelled Patch Tuesday update from October intended for Windows 11 has been identified as the source of the issues.

Published on 8th November 2024

Administrators are reporting unexpected appearances of Windows Server 2025 after what was published as a security update turned out to be a complete operating system upgrade.

The problem was flagged by a customer of web app security biz Heimdal. Arriving at the office on the morning of November 5, they found, to their horror, that every Windows Server 2022 system had either upgraded itself to Windows Server 2025 or was about to.

Sysadmins are cautious by nature, so an unplanned operating system upgrade could easily result in morning coffee being sprayed over a keyboard.

Heimdal’s services include patch management, and it relies on Microsoft to label patches accurately to ensure the correct update is applied to the correct software at the correct time. In this instance, what should have been a security update turned out to be Windows Server 2025.

It took Heimdal a while to trace the problem. According to a post on Reddit: “Due to the limited initial footprint, identifying the root cause took some time. By 18:05 UTC, we traced the issue to the Windows Update API, where Microsoft had mistakenly labeled the Windows Server 2025 upgrade as KB5044284.”

It added: “Our team discovered this discrepancy in our patching repository, as the GUID for the Windows Server 2025 upgrade does not match the usual entries for KB5044284 associated with Windows 11. This appears to be an error on Microsoft’s side, affecting both the speed of release and the classification of the update. After cross-checking with Microsoft’s KB repository, we confirmed that the KB number indeed references Windows 11, not Windows Server 2025.”

Heimdal estimated that the unexpected upgrade had affected 7 percent of customers – it said it had blocked KB5044284 across all server group policies. However, this is of little comfort to administrators finding themselves receiving an unexpected upgrade.

Since rolling back to the previous configuration will present a challenge, affected users will be faced with finding out just how effective their backup strategy is or paying for the required license and dealing with all the changes that come with Windows Server 2025.

Source

Image Credit

Microsoft

The latest updates straight to your inbox

We just need a few details to get you subscribed

Health Checks

Inventory & Compliance

Cloud Readiness & Optimisation

Agreement & Audit Support

Learning

Looking for something specific?

Let's see what we can find - just type in what you're after

Wait! Before you go

Have you signed up to our newsletter yet?

It’s chock full of useful advice, exclusive events and interesting articles. Don’t miss out!

Cookie Notice

Our website uses cookies to ensure you have the best experience while you're here.