CyberHappenings logo
☰

Track cybersecurity events as they unfold. Sourced timelines, daily updates. Fast, privacy‑respecting. No ads, no tracking.

Windows recovery operations disrupted by August 2025 updates

First reported
Last updated
πŸ“° 1 unique sources, 6 articles

Summary

Hide β–²

Microsoft released emergency out-of-band updates to fix a bug in the August 2025 Windows security updates that was causing recovery and reset operations to fail, as well as severe streaming issues with NDI software. The issue affected Windows 10 and older versions of Windows 11. The bug also caused Windows upgrades to fail with 0x8007007F errors on some Windows 11 and Windows Server systems. Additionally, the updates triggered unexpected UAC prompts and app installation issues for non-admin users. The affected updates included KB5063875, KB5063709, and KB5063877. The emergency fixes were released as KB5066189, KB5066188, KB5066187, KB5065426, and KB5065429. These updates are available via Windows Update and the Microsoft Update Catalog. Microsoft also resolved a bug that triggered Windows update failures when installed from a network share using the Windows Update Standalone Installer (WUSA). The September 2025 Windows security update reduces the scope for requiring UAC prompts for MSI repairs and enables IT admins to disable UAC prompts for specific apps by adding them to an allowlist.

Timeline

  1. 10.09.2025 16:02 πŸ“° 1 articles Β· ⏱ 6d ago

    Microsoft releases KB5065426 and KB5065429 to fix NDI streaming issues

    Microsoft released the KB5065426 and KB5065429 updates to resolve the severe lag and stuttering issues experienced with NDI streaming software on Windows 10 and Windows 11 systems. The updates also address unexpected UAC prompts and app installation problems for non-admin users.

    Show sources
  2. 04.09.2025 14:57 πŸ“° 3 articles Β· ⏱ 12d ago

    August 2025 Windows updates trigger UAC prompts and app install issues

    The September 2025 Patch Tuesday security updates also address unexpected UAC prompts and app installation problems for non-admin users. Microsoft fixed a known issue causing security updates delivered via Windows Server Update Services (WSUS) to fail with 0x80240069 errors after installing KB5063878.

    Show sources
  3. 22.08.2025 15:25 πŸ“° 3 articles Β· ⏱ 25d ago

    August 2025 Windows updates cause severe NDI streaming issues

    The September 2025 Patch Tuesday security updates address another known issue introduced by the August 2025 Windows security updates, which causes unexpected User Account Control (UAC) prompts and app installation problems for non-admin users. Microsoft released the KB5065426 and KB5065429 updates to resolve the NDI streaming issues.

    Show sources
  4. 20.08.2025 11:21 πŸ“° 2 articles Β· ⏱ 27d ago

    Microsoft resolves Windows upgrade failures with 0x8007007F errors

    The streaming issues are triggered after installing the KB5063878 and KB5063709 security updates on Windows 11 24H2 and Windows 10 21H2/22H2 devices, respectively. The NDI team confirmed the issue, stating that the buggy updates cause NDI traffic to drop unexpectedly, affecting RUDP connections.

    Show sources
  5. 20.08.2025 11:21 πŸ“° 2 articles Β· ⏱ 27d ago

    Microsoft releases Known Issue Rollback (KIR) fix for Windows update failures

    Microsoft acknowledged other issues caused by the KB5063878 and KB5063709 security updates, including failures in WSUS updates and Windows reset and recovery operations.

    Show sources
  6. 20.08.2025 09:46 πŸ“° 3 articles Β· ⏱ 27d ago

    Microsoft releases emergency updates to fix Windows recovery issues

    The issue also affected streaming apps, including OBS and NDI Tools, especially when 'Display Capture' is enabled. The problem persists even under low bandwidth conditions. Microsoft released the KB5065426 and KB5065429 updates to resolve the NDI streaming issues.

    Show sources

Information Snippets

Similar Happenings

Microsoft September 2025 Patch Tuesday fixes 81 vulnerabilities, including two zero-days

Microsoft released updates for 80 vulnerabilities on September 2025 Patch Tuesday. None of these vulnerabilities were zero-days. The updates address eight critical flaws, including five remote code execution vulnerabilities, one information disclosure, and two elevation of privilege vulnerabilities. The vulnerabilities span various categories: 38 elevation of privilege, 2 security feature bypass, 22 remote code execution, 14 information disclosure, 3 denial of service, and 1 spoofing. One zero-day vulnerability was fixed in Windows SMB Server. The updates also include hardening features for SMB Server to mitigate relay attacks, with recommendations for administrators to enable auditing. The patch includes 38 elevation of privilege vulnerabilities, the highest number among all categories. CVE-2025-54918 is an EoP vulnerability in Windows NT LAN Manager (NTLM) marked as critical. CVE-2025-54111 and CVE-2025-54913 are EoP flaws in Windows UI XAML, allowing privilege escalation via phished credentials or malicious Microsoft Store apps. CVE-2025-55232 is an RCE vulnerability in the Microsoft High Performance Compute (HPC) Pack with a CVSS score of 9.8. CVE-2025-54916 is an RCE vulnerability in Windows NTFS that can be triggered by authenticated users. Microsoft's patch update includes recommendations for preparing for the end-of-life of Windows 10 and mandatory multifactor authentication (MFA) for Azure in October 2025.

Microsoft Anti-Spam Engine False Positives Affect Exchange Online and Teams

Microsoft's anti-spam engine has incorrectly flagged URLs and emails as malicious, causing disruptions in Exchange Online and Microsoft Teams. The issue began on September 5, 2025, affecting URL links and email delivery. Microsoft has identified over 6,000 impacted URLs and is working to resolve the problem. The bug has led to false positive alerts and email quarantines, impacting users globally. The issue stems from the anti-spam engine incorrectly tagging URLs within other URLs as potentially malicious. Microsoft has deployed a partial fix but continues to address residual impacts. The root cause analysis is ongoing.

High-severity use-after-free vulnerability in Chrome's V8 JavaScript engine patched

Google has released Chrome 140 to address six vulnerabilities, including a high-severity use-after-free flaw in the V8 JavaScript engine. The issue, tracked as CVE-2025-9864, was reported by the Yandex Security Team. This type of vulnerability can lead to heap corruption and potential remote code execution (RCE) through crafted HTML pages. The update also fixes three medium-severity bugs in Chrome's Toolbar, Extensions, and Downloads components. Users are advised to update their browsers immediately. The update is available as versions 140.0.7339.80/81 for Windows and macOS, and 140.0.7339.80 for Linux. The extended stable channel has been updated to Chrome 140.0.7339.81 for both Windows and macOS.

Windows 11 KB5064081 Update Standardizes CPU Metrics in Task Manager

Microsoft has released the KB5064081 preview cumulative update for Windows 11 24H2. This update introduces standardized CPU usage metrics in Task Manager, aligning with industry standards and third-party tools. The update also includes various new features and fixes, such as enhanced Recall functionalities, improved Taskbar search, and updated Windows Backup for Organizations. The update is optional and does not include security patches. The update addresses inconsistencies in CPU reporting by standardizing the calculation method across all tabs in Task Manager. This change ensures that CPU usage metrics are consistent and accurate, resolving previous issues where the displayed values did not match other monitoring tools. The update also introduces new features like an updated Recall homepage and improved Taskbar search functionality. The update is part of Microsoft's optional non-security preview update schedule, which releases updates at the end of each month to test new fixes and features before the next Patch Tuesday. The KB5065426 and KB5065431 updates include enhancements to Recall, Click to Do, Taskbar search, and File Explorer. The updates also introduce new features in the Task Manager, including a new optional column called CPU Utility in the Details tab. Additionally, the updates address various bugs and issues, including fixes for File Explorer, Windows Hello, and input problems.

Windows Certificate Enrollment Error Resolved in August 2025 Updates

Microsoft has resolved a known issue causing false CertificateServicesClient (CertEnroll) error messages in Windows 11 24H2 after the July 2025 preview and subsequent updates. The bug, acknowledged two weeks ago, triggered warnings about the 'Microsoft Pluton Cryptographic Provider' not being loaded, but had no impact on Windows processes. A fix is rolling out over the next four weeks. The issue was caused by a feature still under development and not fully integrated into the operating system. The fix will be automatically enabled on devices with KB5064081, released on August 29, 2025, and will be included in all subsequent updates.