CyberSecurity news

FlagThis

@learn.microsoft.com //
Microsoft is alerting IT administrators to a significant issue affecting Windows Server 2025 domain controllers (DCs). After a restart, these DCs may experience a loss of network connectivity due to the servers loading the standard firewall profile instead of the domain firewall profile. This problem can render the domain controllers inaccessible on the network, disrupting Active Directory (AD) environments and potentially causing applications and services running on those servers or remote devices to fail or remain unreachable. The issue primarily impacts systems running the Active Directory Domain Services role on Windows Server 2025, with no client systems or earlier server versions affected.

This problem arises from the domain controllers failing to apply the correct network profile after a reboot, instead defaulting to a "Public" or standard firewall profile rather than the required "Domain Authenticated" profile. This misconfiguration can lead to ports and protocols that should be restricted by the domain firewall profile remaining open, posing potential security risks. Essential AD functions like Group Policy application, replication, and authentication are also disrupted, further compounding the problem for organizations relying on Active Directory for network management.

While Microsoft is actively working on a permanent fix for this issue, which is expected to be included in a future update, they have provided a temporary workaround for affected systems. Administrators can manually restart the network adapter on the affected servers using PowerShell with the command 'Restart-NetAdapter *'. However, because the issue reoccurs after each system restart, this workaround must be applied repeatedly. To streamline this process, Microsoft suggests creating a scheduled task that automatically restarts the network adapter each time the domain controller reboots.
Original img attribution: https://www.networkworld.com/wp-content/uploads/2025/04/3961918-0-57003600-1744663195-Microsift.jpg?quality=50&strip=all&w=1024
ImgSrc: www.networkworl

Share: bluesky twitterx--v2 facebook--v1 threads


References :
  • Techzine Global: Emergency Windows update solves Active Directory problem Microsoft is launching emergency patches to correctly display local audit logon policies in Active Directory Group Policy.
  • bsky.app: Microsoft has released emergency Windows updates to address a known issue affecting local audit logon policies in Active Directory Group Policy. https://www.bleepingcomputer.com/news/microsoft/microsoft-new-emergency-windows-updates-fix-ad-policy-issues/
  • BleepingComputer: Microsoft: New Windows updates fix Active Directory policy issues Microsoft has released emergency Windows updates to address a known issue affecting local audit logon policies in Active Directory Group Policy.
  • Cyber Security News: Windows Server 2025 Restart Bug Breaks Connection with Active Directory Domain Controller
  • www.networkworld.com: Windows Server 2025 domain controllers may lose connectivity after reboot, says Microsoft
  • cybersecuritynews.com: Windows Server 2025 Restart Bug Breaks Connection with Active Directory Domain Controller
  • BleepingComputer: Microsoft: Windows Server 2025 restarts break connectivity on some DCs
  • Techzine Global: Microsoft warns that Windows Server 2025 domain controllers may become inaccessible after a restart. Affected servers load the default firewall profile instead of the domain firewall profile, interrupting applications and services.
Classification:
  • HashTags: #WindowsServer #DomainController #NetworkConnectivity
  • Company: Microsoft
  • Target: Windows Server 2025
  • Product: Windows Server 2025
  • Feature: DC connectivity
  • Type: Bug
  • Severity: Medium