Microsoft Corporation officially confirmed on April 21, 2026, that a critical regression in its latest security update is causing widespread stability issues for enterprise identity infrastructure. The update, identified as KB5082063 and released as part of the April 2026 Patch Tuesday cycle, has been linked to crashes in the Local Security Authority Subsystem Service (LSASS.exe) on Windows Server domain controllers. These crashes trigger an automated system restart, often resulting in a continuous reboot loop that prevents the server from maintaining uptime.
According to technical documentation released by Microsoft’s Windows Release Health team, the issue specifically affects domain controllers that do not hold the Global Catalog role and are operating within environments using Privileged Access Management (PAM). When the LSASS process terminates unexpectedly, the system generates an error message—typically citing status code 0xc0000005 or 0xc0000374—and initiates a shutdown sequence within 60 seconds. This behavior effectively halts Active Directory authentication services, preventing users from logging in to corporate networks and disrupting access to integrated cloud services and internal applications.
The scope of the disruption is significant for large-scale enterprise environments. Microsoft reports that the crash occurs during the processing of specific LDAP queries or authentication requests related to the PAM optional feature. While the company has not provided an exact count of affected servers, the issue impacts multiple versions of the operating system, including Windows Server 2022, Windows Server 2019, and the recently released Windows Server 2025. Organizations with complex identity architectures that rely on non-Global Catalog servers for localized authentication have reported the highest frequency of failures.
In an official statement, Microsoft engineers confirmed they are working on an out-of-band update to resolve the underlying memory management error within the LSASS process. Until a permanent fix is deployed, Microsoft has recommended that administrators consider temporary mitigation strategies. One suggested workaround involves promoting affected domain controllers to Global Catalog servers, provided the hardware can support the additional resource requirements. Alternatively, some IT departments have reported success by rolling back the KB5082063 update, though Microsoft cautions that this leaves systems vulnerable to the security flaws the patch was originally intended to address.
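To scope which domain controllers match the conditions described above (non-Global Catalog, PAM optional feature enabled, KB5082063 installed) before choosing a mitigation, a read-only inventory can be run from a management host. This is an added example, not Microsoft's guidance or tooling; it assumes the RSAT ActiveDirectory module, that the PAM feature carries its standard name "Privileged Access Management Feature", and that the DCs answer remote WMI queries.

```powershell
#Requires -Modules ActiveDirectory
# Added example: read-only triage. It changes nothing on the domain controllers.
$KbId = 'KB5082063'   # update identifier as given in the article

# PAM is a forest-wide optional feature; EnabledScopes is empty while it is off.
# Assumption: the feature uses its standard display name.
$pam = Get-ADOptionalFeature -Filter "Name -eq 'Privileged Access Management Feature'"
$pamEnabled = [bool]($pam -and $pam.EnabledScopes.Count -gt 0)

# Note: this enumerates DCs in the current domain only; repeat per domain in a forest.
$report = foreach ($dc in Get-ADDomainController -Filter *) {
    # A DC that is rebooting may not answer, so record that instead of failing.
    $patch = 'Unknown (unreachable)'
    try {
        $hit = Get-HotFix -ComputerName $dc.HostName -ErrorAction Stop |
            Where-Object { $_.HotFixID -eq $KbId }
        $patch = if ($hit) { 'Installed' } else { 'Not installed' }
    } catch {
        Write-Warning "Could not query $($dc.HostName): $($_.Exception.Message)"
    }

    [pscustomobject]@{
        DomainController  = $dc.HostName
        Site              = $dc.Site
        OperatingSystem   = $dc.OperatingSystem
        IsGlobalCatalog   = $dc.IsGlobalCatalog
        PamEnabled        = $pamEnabled
        Update            = $patch
        # All three conditions from the article must hold for a DC to be flagged.
        MatchesConditions = ($pamEnabled -and -not $dc.IsGlobalCatalog -and $patch -eq 'Installed')
    }
}

# Flagged and unreachable DCs first, then the rest.
$report |
    Sort-Object @{ Expression = 'MatchesConditions'; Descending = $true }, Update |
    Format-Table -AutoSize
```

A domain controller reported as `Unknown (unreachable)` that is also not a Global Catalog deserves a console check, since a server in the reboot cycle will not respond to the remote query.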
The downtime duration for affected organizations has varied based on the speed of manual intervention. In some instances, automated recovery scripts failed to break the reboot cycle, requiring physical or remote console access to enter Safe Mode and disable the update. Microsoft has committed to providing a revised update package within the next 48 to 72 hours to restore stability to affected directory services.