Microsoft Issues Emergency "Fix for the Fix" to Halt Windows Server Reboot Loops
An out-of-band update arrives days after the April Patch Tuesday release triggered critical LSASS crashes and BitLocker recovery prompts across enterprise domain controllers.
REDMOND, WA — Microsoft has released a series of emergency out-of-band (OOB) updates to address a cascade of failures introduced by its April 2026 "Patch Tuesday" cycle. The emergency intervention comes after sysadmins worldwide reported that KB5082063 (and related server updates) sent Windows Domain Controllers into a "death loop" of infinite restarts, effectively paralyzing corporate authentication services.
The primary culprit is a critical regression in the Local Security Authority Subsystem Service (LSASS), the core process responsible for enforcing security policies and handling user logins.
Emergency Update Reference
The LSASS "Death Loop" Explained
The instability specifically targets Domain Controllers (DCs) in complex environments, particularly those utilizing Privileged Access Management (PAM).
According to technical bulletins from The Register and BleepingComputer, the bug causes LSASS to crash immediately upon startup if the server processes authentication requests too early in the boot sequence. Because Windows cannot operate safely without a stable LSASS process, the system triggers a protective hard restart, creating a recursive reboot loop that renders the DC — and often the entire domain — unavailable.
Beyond the reboot loops, administrators also reported:
- Installation Failures: Some Windows Server 2025 systems could not install the April update at all, failing with error codes such as 0x800F0983.
- BitLocker Alerts: A separate "known issue" forced enterprise servers into BitLocker recovery mode, requiring manual entry of 48-digit recovery keys after the update.
The Remediation: KB5091157
Microsoft’s rapid response involves a "non-security cumulative update" designed to stabilize the platform. The primary fix for Windows Server 2025 is identified as KB5091157.
Crucially, this is an Out-of-Band (OOB) release, meaning it will not be pushed automatically via Windows Update for all users. Administrators must manually pull the update from the Microsoft Update Catalog or deploy it via WSUS (Windows Server Update Services).
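Because the fix is not delivered automatically, it helps to confirm which domain controllers still need it. The PowerShell sketch below is an added example, not Microsoft's tooling or part of the original report; it uses only the two KB numbers named in this article, and the 14-day look-back window and the status wording are assumptions.

```powershell
# Added example, not Microsoft's tooling. Needs the ActiveDirectory module (RSAT)
# and remote admin rights on the domain controllers.
Import-Module ActiveDirectory

$ProblemKB = 'KB5082063'              # April update named in the article
$FixKB     = 'KB5091157'              # OOB fix named for Windows Server 2025
$Since     = (Get-Date).AddDays(-14)  # assumed look-back window for crash events

$report = foreach ($dc in Get-ADDomainController -Filter *) {
    $row = [ordered]@{
        DC = $dc.HostName; OS = $dc.OperatingSystem
        HasProblemKB = $null; HasFixKB = $null; LsassCrashes = $null; Status = 'OK'
    }
    if (-not (Test-Connection -ComputerName $dc.HostName -Count 1 -Quiet)) {
        # A DC caught in the restart loop may not answer at all.
        $row.Status = 'Unreachable: check the console'
        [pscustomobject]$row
        continue
    }
    try {
        # Get-HotFix reads Win32_QuickFixEngineering on the remote host.
        $ids = @((Get-HotFix -ComputerName $dc.HostName -ErrorAction Stop).HotFixID)
        $row.HasProblemKB = $ids -contains $ProblemKB
        $row.HasFixKB     = $ids -contains $FixKB

        # Application Error event 1000 records a faulting process; keep lsass.exe only.
        $filter = @{ LogName = 'Application'; ProviderName = 'Application Error'
                     Id = 1000; StartTime = $Since }
        $row.LsassCrashes = @(Get-WinEvent -ComputerName $dc.HostName -FilterHashtable $filter -ErrorAction SilentlyContinue |
            Where-Object { $_.Message -match 'lsass\.exe' }).Count
    }
    catch {
        $row.Status = "Query failed: $($_.Exception.Message)"
        [pscustomobject]$row
        continue
    }
    if ($row.HasProblemKB -and -not $row.HasFixKB) {
        $row.Status = if ($dc.OperatingSystem -like '*2025*') { "Needs $FixKB" } else {
            'April update present; fix KB for this OS is not named in the article' }
    }
    elseif ($row.LsassCrashes -gt 0) { $row.Status = 'LSASS crashes logged; review' }
    [pscustomobject]$row
}

$report | Sort-Object Status | Format-Table -AutoSize
```

Run it from a management workstation rather than from a domain controller, so the inventory still works while individual DCs are restarting.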
The CyberSignal Analysis
Signal 01 — The "Patch-to-Outage" Pipeline
This incident is a stark "Signal" for operational resilience. When a security patch becomes the primary cause of a service outage, the "prevention" mindset has failed. For B2B leaders, this highlights the necessity of Staged Deployment. In 2026, the risk of an unpatched vulnerability must be weighed against the risk of an unstable patch. If your organization's identity & access management (IAM) rests on a single point of failure like a Domain Controller, a botched update is as damaging as a ransomware attack.
Signal 02 — The Complexity of Modern Auth
The fact that this bug specifically hit PAM and multi-domain forests is a "Signal" that our identity stacks are becoming too "brittle." As we noted in our Account Takeover (ATO) Prevention Guide, complexity is the enemy of security. Microsoft’s need for a "fix for a fix" suggests that even the vendors are struggling to validate how core security processes (LSASS) interact with advanced identity features in real-world environments.