Some users have reported that Windows Server 2022 is being upgraded to Windows Server 2025 without the necessary licensing. This issue seems to be associated with an API error.
Windows Server 2025 has now been released to the public, and it’s considered an optional update, similar to other major updates. However, certain users have observed that their Windows Server 2022 systems are being upgraded to Windows Server 2025 unexpectedly overnight. Microsoft is not directly enforcing the installation of this update, suggesting an alternative issue at play.
On November 5, small businesses utilizing third-party patch management solutions reported that their machines had upgraded to Server 2025. This situation is concerning because, unlike standard Windows Updates, Windows Server releases come with associated costs and require individual licensing.
One affected user shared that “all of our Windows 2022 Servers had either upgraded themselves to 2025 overnight or were on the verge of doing so. This was quite surprising since we were not ready to make that change for various reasons, and the necessary licensing was not in place.”
It seems that Microsoft may have made an error in the labeling of updates on its API, leading third-party tools to misinterpret Windows Server as a security update. Reports indicate that the core issue stems from Microsoft mistakenly categorizing the Windows Server 2025 upgrade (KB5044284) as a security update within their Windows Update API.
This mislabeling resulted in third-party patch management solutions, such as Heimdal, detecting it as an urgent security update requiring installation.
Consequently, these third-party tools, along with any services dependent on the API, will automatically download and install the update on Windows Server 2022 systems, inadvertently updating them to Windows Server 2025.
This unanticipated upgrade, occurring without proper planning or licensing for the new version, has led to complications, including instances of unlicensed servers.
In October, Microsoft launched an update KB5044284 for Windows 11 24H2, aimed at enhancing security. However, due to an oversight on Microsoft’s side, this update was incorrectly classified and added an upgrade pathway to Windows Server 2025 within the API.
Though the API isn’t usually utilized directly by businesses, third-party tools that depend on APIs could encounter issues stemming from this misclassification.
What potential problems could arise from this situation?
In a discussion on Reddit, patch management company Heimdal acknowledged that they are aware of the reports and suggested that the mishap was a result of Microsoft’s misclassification in the Windows Update API.
Heimdal has announced that it has blocked the KB5044284 update to prevent automatic upgrades to Windows Server 2025.
“On November 5th at 12:16 UTC, a customer notified Heimdal about unexpected upgrades related to Windows Server 2025 in their setup. Due to the initially limited scope, it took some time to pinpoint the root cause. By 18:05 UTC, we traced the issue back to the Windows Update API, where Microsoft had inadvertently tagged the Windows Server 2025 upgrade as KB5044284,” the company stated in a release.
For those impacted, organizations now face the decision of whether to restore servers from backups, rebuild them, or acquire new licenses for Windows Server 2025.
Additionally, other organizations using API and third-party tools may encounter similar issues with Windows Server 2025 being installed automatically. Some users observed that the update showed up as an optional feature, while for others, it was automatically installed based on their update policies.
About The Author
Mayank Parmar is an entrepreneur and the founder of Windows Latest. As the Editor-in-Chief, he has dedicated seven years to writing on a variety of subjects, although he is particularly recognized for his thorough investigations into Microsoft’s Windows. His articles and research have been cited by major outlets including CNN, Business Insider, Forbes, Fortune, CBS Interactive, Microsoft, and many others throughout his career.
Hudson Valley Host is premier provider of cutting-edge hosting solutions, specializing in delivering a seamless online experience for businesses and individuals. We offer a comprehensive range of hosting services, including Shared Hosting, VPS, Dedicated Servers, and Colocation. With 24/7 technical support, robust security measures, and user-friendly control panels, we empower clients in managing their online presence effortlessly. Hudson Valley Host is your trusted partner in achieving online success.
For Inquiries or to receive a personalized quote, please reach out to us through our contact form here or email us at sales@hudsonvalleyhost.com.
