Microsoft shares policy after upgrade debacle around Windows Server 2025

Update 11-11-2024 (Erik van Klinken): After inadvertently pushing Windows Server 2025 for Server 2019 and 2022 systems, Microsoft is clarifying its advice with regard to update policies.

Microsoft explains that the upgrade to Windows Server 2025 was intended to be optional but that third-party products may push it automatically because of their configurations. However, Heimdal, a vendor behind one of these third-party products, blamed Microsoft. The usual labels surrounding a Windows Server upgrade pointed to a common update called KB5044284.

Microsoft rejects any blame. The company argues that it had classified the upgrade as optional. Patch management tools should read the metadata of feature updates as optional and not ‘Recommended’, according to Microsoft.

Original post 06-11-2024:

Windows updates often come with unexpected problems, and the recent release of Windows Server 2025 is no exception. System administrators grumble that their installations of Windows Server 2022 are sometimes automatically upgraded to Windows Server 2025. Without prior notice, mind you.

The culprit behind this strange turn of events appears to be KB5044284, an October Patch Tuesday update. That one doesn’t even belong with Windows Server but rather Windows 11. However, certain patch management systems misclassified this update, causing it to end up as an OS upgrade in servers where it has no business being.

Cause unclear

A system admin using solutions from Denmark-based Heimdal Security was one of the first to sound the alarm on Reddit, explaining how their company’s Asset Management Module (AMM) incorrectly interpreted KB5044284 as an operating system update. To mitigate the problem, Heimdal quickly blocked the patch and attributed the misclassification to a Microsoft error. Other users disagree with that conclusion, attributing the error to Heimdal. In that case, the problem would be less widespread.

The Heimdal employee who joined the fray confirmed that the GUID for the Windows Server 2025 upgrade does not contain any references to the KB5044284 Patch Tuesday update. This means the upgrade was applied to a version of Windows that it was not intended for. In any case, Microsoft did not attach a KB number to Windows Server 2025. This version is build 26100.1742.

Unscheduled upgrades are risky

This event has caused great concern among sysadmins in the relevant subreddit and beyond, as server environments and unplanned upgrades don’t go very well together. Such upgrades could disrupt ongoing services or cause all sorts of licensing problems.

Windows Server 2025 came with some initial setbacks. At least three problems marred the launch, Microsoft itself acknowledges: English text was not displayed correctly during installation, a startup error occurred in iSCSI environments, and there were compatibility problems with CPUs running on more than 256 threads. The last problem led to longer installation times, slow restarts, and, in the worst case, even a blue screen of death (BSOD) when running some applications.