Reports have emerged from several users indicating that Windows Server 2022 is unexpectedly upgrading to Windows Server 2025 without obtaining the necessary licensing. This situation seems to be linked to a faulty API.
Windows Server 2025 has been officially released for all users, functioning as an optional update like other significant enhancements; however, many individuals have observed that their Windows Server 2022 installations are being upgraded to Windows Server 2025 automatically during the night. Microsoft has clarified that this is not a forced update, indicating that something unusual is taking place.
On November 5, various small businesses utilizing third-party patch management tools designed for handling security or feature updates discovered that their computers had unexpectedly upgraded to Server 2025. This development poses a substantial concern as, contrary to Windows Updates, Windows Server versions require paid licenses.
One impacted user shared their experience, stating, “all of our Windows 2022 Servers had either upgraded themselves to 2025 overnight or were about to do so. This obviously came as a shock as we’re not at the point to do so for many reasons and the required licensing would not be present.”
It appears that Microsoft may have incorrectly labeled updates in its API, leading third-party applications to perceive Windows Server as a security update. Recent reports indicate that the main issue stems from Microsoft erroneously categorizing the Windows Server 2025 upgrade (KB5044284) as a security update within their Windows Update API.
This mislabeling caused third-party patch management solutions, such as Heimdal, to identify it as an urgent security update that required installation.
Consequently, third-party applications or any system that depends on the API will automatically download and install this update on Windows Server 2022 systems, unexpectedly upgrading them to Windows Server 2025.
The unintended upgrades occurred without adequate planning or licensing for the new version, leading to complications such as servers running without proper licenses.
In October, Microsoft released an update KB5044284 for Windows 11 24H2, which was intended as a security update. However, an error occurred on Microsoft’s side, causing this update to be incorrectly categorized and inadvertently providing an upgrade path to Windows Server 2025 via the API.
The API, while not commonly utilized directly by businesses, can lead to problems when third-party tools that depend on APIs are employed.
What issues might arise from this situation?
In a Reddit discussion, the patch management firm Heimdal acknowledged the reports regarding this issue and indicated that it likely stemmed from Microsoft’s misclassification within the Windows Update API.
Heimdal announced that it intervened to block the KB5044284 update to stop automatic upgrades to Windows Server 2025.
“On November 5 at 12:16 UTC, a customer alerted Heimdal about unanticipated upgrades related to Windows Server 2025 within their systems. Considering the limited initial impact, it took some time to pinpoint the root cause. By 18:05 UTC, we identified that the problem stemmed from the Windows Update API, where Microsoft had wrongfully labeled the Windows Server 2025 upgrade as KB5044284,” the firm stated.
For those impacted, businesses now face the decision of whether to restore servers from backups, reconstruct them, or invest in new licenses for Windows Server 2025.
Additionally, organizations utilizing API and third-party tools might also encounter similar challenges with Windows Server 2025 being installed automatically. Some users reported that the update showed up as an optional feature, while others experienced automatic installation due to their update configurations.
ColoCrossing excels in providing enterprise Colocation Services, Dedicated Servers, VPS, and a variety of Managed Solutions, operating from 8 data center locations nationwide. We cater to the diverse needs of businesses of any size, offering tailored solutions for your unique requirements. With our unwavering commitment to reliability, security, and performance, we ensure a seamless hosting experience.
For Inquiries or to receive a personalized quote, please reach out to us through our contact form here or email us at sales@colocrossing.com.
