Microsoft officially confirmed on April 20, 2026, that its latest cumulative security update, KB5082063, is causing significant operational disruptions for enterprise customers. The update, which was released as part of the April 2026 Patch Tuesday cycle, is triggering continuous reboot loops on Windows Server machines functioning as domain controllers. This issue has left many IT departments unable to maintain stable Active Directory environments, which are essential for managing network identities and permissions across corporate infrastructures.
The technical failure originates within the Local Security Authority Subsystem Service, commonly known as LSASS.exe. According to Microsoft’s Windows Release Health dashboard, the service encounters an access violation error—specifically error code 0xc0000005—following the installation of the patch. Because LSASS is a critical system process that manages security policies, user logins, and access tokens, any unexpected termination of the service forces the Windows operating system to initiate a mandatory restart. In affected environments, this results in a cycle where the server boots, attempts to start the LSASS process, crashes, and reboots again within minutes.
The scope of the incident includes several versions of the server operating system, including Windows Server 2019, Windows Server 2022, and Windows Server 2025. While the update was intended to address multiple vulnerabilities, including a critical flaw in the Kerberos authentication protocol tracked as CVE-2026-21412, the resulting instability has forced many organizations to halt their patching schedules. Reports from enterprise administrators indicate that the reboot loops are most prevalent in environments with high authentication traffic or complex trust relationships between domains. In some instances, administrators have reported downtime durations exceeding twelve hours as they attempt to recover primary authentication nodes.
The impact on business operations is substantial, as domain controllers are necessary for authenticating users to workstations, email servers, and internal applications. When these servers fail, employees are unable to access corporate resources, and automated system processes that rely on service accounts are interrupted. While Microsoft has not provided a specific count of affected users, the failure of a single domain controller can prevent thousands of employees from logging into their systems. Microsoft has acknowledged the severity of the situation and has assigned a dedicated engineering team to produce a resolution.
As of April 20, Microsoft’s official recommendation for affected administrators is to utilize Directory Services Repair Mode to roll back the update. The company has advised organizations to pause the distribution of KB5082063 to any remaining domain controllers until a permanent fix is released. Microsoft stated that it is currently testing an out-of-band update to address the LSASS memory handling issue and expects to provide further details within the next twenty-four hours. No other Windows services or consumer versions of Windows 11 appear to be impacted by this specific reboot loop issue at this time.