Microsoft released an emergency out-of-band update on October 20 to address critical Windows Recovery Environment failures while continuing to grapple with broader authentication problems affecting Windows 11 systems with duplicate security identifiers.
Emergency Patch Restores Windows Recovery
The company issued update KB5070773 to fix a severe bug that rendered Windows Recovery Environment (WinRE) unusable on systems running Windows 11 versions 24H2 and 25H2. The issue, caused by the October 14 security update KB5066835, prevented USB keyboards and mice from functioning within the recovery environment, leaving users unable to access repair tools when their computers failed to boot.
“This issue prevents navigation of any of the recovery options within WinRE,” Microsoft acknowledged in its support documentation. The emergency update automatically installs via Windows Update and restores USB functionality in the recovery environment.
For users unable to boot their systems to install the update, Microsoft recommends using touchscreens, PS/2 keyboards, or USB recovery drives as workarounds. IT administrators can deploy the fix through Configuration Manager or Windows deployment tools.
Ongoing Authentication Crisis
Separately, Microsoft confirmed that Windows updates released since August 29 are causing widespread authentication failures on systems with duplicate Security Identifiers (SIDs). The updates KB5064081 and KB5065426 include stricter security protections that enforce SID checks, blocking Kerberos and NTLM authentication between devices sharing identical SIDs.
Affected users experience repeated credential prompts, failed login attempts with valid passwords, and “access denied” errors when accessing network resources. Remote Desktop connections and shared network folders become inaccessible, while Event Viewer logs show SEC_E_NO_CREDENTIALS errors and machine ID mismatches.
The authentication problems primarily affect organizations that improperly cloned Windows installations without using Microsoft’s Sysprep tool, which ensures unique SIDs for each system. Unlike the WinRE issue, this problem requires permanent fixes through system rebuilding or temporary workarounds via special Group Policy configurations available only through Microsoft Support for Business.
The authentication enforcement represents a significant security hardening effort by Microsoft, but has exposed operational practices that violate the company’s disk duplication policies. The changes are designed to prevent credential replay attacks and NTLM relay exploits, but create immediate disruption for environments with duplicate SIDs.
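One way to find the affected machines before users start reporting failures, as an added example that is not from Microsoft or the original article: a fleet audit that flags hosts sharing a machine SID. It assumes a CSV inventory with one local account SID per host has already been collected; the column names, hostnames and SIDs below are constructed.

```python
import csv
import io
import re
from collections import defaultdict

# A local account SID has the form S-1-5-21-<a>-<b>-<c>-<RID>; the part before
# the RID is the machine SID that cloning without Sysprep duplicates.
# Feed local account SIDs only: domain accounts share the domain's prefix.
LOCAL_ACCOUNT_SID = re.compile(r"^(S-1-5-21-\d+-\d+-\d+)-(\d+)$", re.IGNORECASE)

# Constructed sample inventory (hypothetical hosts and SIDs).
SAMPLE_INVENTORY = """\
hostname,local_account_sid
WS-001,S-1-5-21-1111111111-2222222222-3333333333-500
WS-002,S-1-5-21-1111111111-2222222222-3333333333-1001
WS-003,S-1-5-21-4444444444-5555555555-6666666666-500
ws-001,S-1-5-21-1111111111-2222222222-3333333333-501
KIOSK-7,S-1-5-32-544
SRV-01,s-1-5-21-1111111111-2222222222-3333333333-500
"""


def machine_sid(account_sid):
    """Return the machine SID (account SID minus its RID), or None if unusable."""
    match = LOCAL_ACCOUNT_SID.match(account_sid.strip())
    return match.group(1).upper() if match else None


def find_duplicate_machine_sids(csv_text):
    """Group hosts by machine SID; return (duplicates, hosts_with_unusable_sid)."""
    hosts_by_sid = defaultdict(set)
    unparsed = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        host = row["hostname"].strip().upper()  # same host may be listed twice
        sid = machine_sid(row["local_account_sid"])
        if sid is None:
            unparsed.append(host)  # e.g. a BUILTIN (S-1-5-32-...) SID
        else:
            hosts_by_sid[sid].add(host)
    duplicates = {sid: sorted(hosts)
                  for sid, hosts in hosts_by_sid.items() if len(hosts) > 1}
    return duplicates, unparsed


if __name__ == "__main__":
    dupes, skipped = find_duplicate_machine_sids(SAMPLE_INVENTORY)
    for sid, hosts in dupes.items():
        print(f"{sid} shared by: {', '.join(hosts)}")
    print("could not derive a machine SID for:", skipped)
```

Hosts reported as sharing a SID are the candidates for the rebuild or Sysprep-based reimaging described above; hosts listed as skipped need a local account SID collected again.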