Microsoft Corporation released an emergency out-of-band update on April 22, 2026, to resolve a critical technical issue that caused Windows Server domain controllers to enter continuous reboot cycles. The disruption followed the deployment of the April 2026 Patch Tuesday security update, specifically identified as KB5082063. This emergency release, designated as KB5083110, aims to stabilize enterprise infrastructure that has faced significant downtime over the past eight days.
The technical root cause of the failure involves a memory leak within the Local Security Authority Subsystem Service, commonly known as LSASS.exe. Microsoft engineering teams confirmed that the April security update introduced a regression in how the service handles Kerberos authentication requests. As the LSASS process consumes available system memory, it eventually crashes, triggering a mandatory system restart. On affected domain controllers, this cycle repeats immediately upon reboot, effectively taking the servers offline and preventing users from logging into corporate networks or accessing shared resources.
The issue has impacted a wide range of operating system versions, including Windows Server 2022, Windows Server 2019, and the recently released Windows Server 2025. Reports from system administrators indicate that the reboots typically occur within 15 to 30 minutes of the server becoming operational. The crash is logged in the Windows Event Viewer under Event IDs 1000 and 1001, citing the faulting module as authz.dll or kerberos.dll. Because domain controllers are essential for managing identity and access, the reboot loops have resulted in widespread authentication failures for internal applications, virtual private networks, and cloud-integrated services across numerous enterprise clients globally.
Microsoft has categorized KB5083110 as a mandatory update for organizations running Active Directory services on the affected platforms. Unlike standard monthly updates, this out-of-band fix is not being pushed automatically through the standard Windows Update consumer channel. Instead, it is available via the Microsoft Update Catalog and Windows Server Update Services. Microsoft has instructed IT departments to manually download and test the package before broad internal distribution to ensure compatibility with existing enterprise software and to prevent further service interruptions.
In an official statement posted to the Windows Release Health dashboard, Microsoft noted that the update specifically addresses the LSASS crash and does not contain any additional security hardening or feature changes. The company also clarified that servers not configured as domain controllers are unlikely to experience the reboot loop, though the update is still recommended for consistency across server fleets. This release follows a period of heightened pressure from enterprise customers who reported that the initial workarounds, which involved rolling back security patches, left their environments vulnerable to known exploits.