Installation is optional for users and organisations that have not encountered reset or recovery failures

Microsoft has rushed out emergency patches to resolve a critical Windows bug that broke reset and recovery functions for users who installed the company’s August 2025 security updates.

The flaw, confirmed by Microsoft on Monday, affects both Windows 10 and earlier builds of Windows 11.

It prevents users from completing key troubleshooting operations, including “Reset my PC” and recovery via the “Fix problems using Windows Update” tool.

These features allow systems to be reinstalled while retaining files, apps, and settings – capabilities that many users rely on during maintenance or system crashes.

The faulty updates that triggered the problem included:

KB5063875 for Windows 11 versions 23H2 and 22H2
KB5063709 for Windows 10 22H2, Windows 10 Enterprise LTSC 2021, and Windows 10 IoT Enterprise LTSC 2021
KB5063877 for Windows 10 Enterprise LTSC 2019 and Windows 10 IoT Enterprise LTSC 2019

The bug also disrupted RemoteWipe CSP, a tool used by IT administrators to reset devices remotely, posing a particular headache for enterprise environments.

On Tuesday evening, one day after acknowledging the issue, Microsoft released out-of-band (OOB) cumulative updates designed to replace the problematic ones:

KB5066189 for Windows 11 (23H2 and 22H2)
KB5066188 for Windows 10 22H2, Windows 10 Enterprise LTSC 2021, and Windows 10 IoT Enterprise LTSC 2021
KB5066187 for Windows 10 Enterprise LTSC 2019 and Windows 10 IoT Enterprise LTSC 2019

“A non-security out-of-band (OOB) update was released today, August 19, 2025, to address this issue,” Microsoft said in a statement.

“This is a cumulative update, so you do not need to apply any previous updates before installing this update, as it supersedes all previous updates for affected versions.”

The company recommends that anyone who has not yet installed the flawed August 2025 security updates should skip them entirely and instead apply the new OOB patches.

For users and organisations that have not encountered reset or recovery failures, installation is considered optional.

These emergency updates are being distributed through Windows Update, Windows Update for Business, and the Microsoft Update Catalog.

Because they are cumulative, administrators do not need to install prior patches, simplifying deployment across large IT environments.
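
For administrators triaging a fleet, the check below is an added example, not Microsoft's tooling or part of the original report. It matches a host's installed updates against the faulty and replacement KB pairs listed above and applies the stated guidance; the function name, status labels and sample host are hypothetical, and it assumes the updates appear in Get-HotFix output.

```powershell
# Faulty August 2025 update -> out-of-band replacement, as listed in the article.
$ResetBugKbs = @(
    [pscustomobject]@{ Faulty = 'KB5063875'; Replacement = 'KB5066189'; Platform = 'Windows 11 23H2/22H2' }
    [pscustomobject]@{ Faulty = 'KB5063709'; Replacement = 'KB5066188'; Platform = 'Windows 10 22H2 / LTSC 2021' }
    [pscustomobject]@{ Faulty = 'KB5063877'; Replacement = 'KB5066187'; Platform = 'Windows 10 LTSC 2019' }
)

function Get-ResetBugStatus {   # hypothetical helper name
    param(
        [string[]]$InstalledKb = @(),               # KB identifiers found on the host
        [string]$ComputerName = $env:COMPUTERNAME
    )
    $hits = foreach ($pair in $ResetBugKbs) {
        $hasFaulty = $InstalledKb -contains $pair.Faulty
        $hasFix    = $InstalledKb -contains $pair.Replacement
        if (-not ($hasFaulty -or $hasFix)) { continue }
        [pscustomobject]@{
            Computer = $ComputerName
            Platform = $pair.Platform
            # The replacement is cumulative, so its presence settles the question.
            Status   = if ($hasFix) { 'Remediated' } else { 'FaultyUpdateInstalled' }
            Action   = if ($hasFix) { 'None' }
                       else { "Install $($pair.Replacement) if reset, recovery or RemoteWipe is failing or needed" }
        }
    }
    if ($hits) { return $hits }
    # Neither update present: the guidance is to skip the August update entirely.
    [pscustomobject]@{
        Computer = $ComputerName
        Platform = 'Unknown'
        Status   = 'AugustUpdateNotInstalled'
        Action   = 'Skip the August 2025 update; apply the matching out-of-band update instead'
    }
}

# Local host: feed the function the hotfix IDs Windows reports.
Get-ResetBugStatus -InstalledKb (Get-HotFix).HotFixID

# Constructed sample input (hypothetical host, placeholder second KB).
Get-ResetBugStatus -InstalledKb 'KB5063875', 'KB0000000' -ComputerName 'LAB-PC01'
```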

Reset and recovery are among Windows’ most important safety nets for both home users and businesses. Microsoft’s response indicates the critical nature of the bug, which risked leaving affected systems unable to perform essential repair operations.

Last month, Microsoft issued emergency patches for two zero-day vulnerabilities tracked as CVE-2025-53770 and CVE-2025-53771 affecting on-premises versions of Microsoft SharePoint Server.

The company said it was aware of “active attacks” targeting CVE-2025-53770 in “ToolShell” attacks.

The US Cybersecurity and Infrastructure Security Agency (CISA) confirmed that hackers were able to gain unauthorised remote access to vulnerable systems using the exploit.

The intrusions spanned continents, prompting coordinated investigations and emergency responses by authorities in the US, Canada and Australia.

Security experts have strongly advised organisations using vulnerable on-premises SharePoint servers to take the following immediate actions:

Apply all available security patches without delay and continue to implement new updates as they are released
Rotate all cryptographic keys and credentials to prevent unauthorised access
Engage a professional incident response team to assess potential compromise and mitigate further risk