[German]Microsoft has released the security update KB5055523 for Windows 11 24H2 on April 8, 2025. The update is intended to bring improvements to various functions, update some AI components and close vulnerabilities. Unfortunately, this update can trigger a (SECURE_KERNEL_ERROR) Blue Screen.
Advertising
Windows 11 24H2 Update KB5055523
Cumulative Update KB5055523 for Windows 11 24H2 includes security patches and quality improvements. The vulnerabilities closed as of April 2025 are described in the blog post Microsoft Security Update Summary (8. April 2025).
Among other things, the update fixes a problem that affects the rotation of computer passwords in the path for Identity Update Manager certificate/Public Key Cryptography for Initial Authentication (PKNIT). The issue occurred when using Kerberos with Credential Guard enabled. This could lead to problems with user authentication. The Machine Accounts feature in Credential Guard, which is dependent on password rotation via Kerberos, has also been disabled until a permanent solution is available.
In the meantime, Microsoft has also added an explanation to the support article KB5055523, which addresses the new folder c:\inetpub (see Windows 10/11: April 2025 updates create "inetpub" folder). After installing this update or a later Windows update, the new folder:
%systemdrive%\inetpub
is created in Windows 11. This folder should not be deleted (even if no Internet Information Services (IIS) are activated. This folder is part of the changes to increase protection against the vulnerability CVE-2025-21204.
Advertising
The update also updates the AI components Image Search, Content Extraction and Semantic Analysis. Details can be found in the support article KB5055523.
Microsoft confirms BSOD problem
Since the release of the April 2025 update KB5055523, Microsoft has expanded the list of known problems caused by the update. In addition to problems with Citrix and Roblox, the broken Hello login has also been confirmed (see Windows 11 24H2/Server 2025: Hello login fails after April 2025 updates).
In the meantime, there is another supplemental entry (noticed here). After installing this update and restarting the device, a blue screen with error code 0x18B (SECURE_KERNEL_ERROR) may be displayed.
Until a fix is provided via Windows Update, Microsoft solves this problem by a Known Issue Rollback (KIR), which reverses the incorrect change. In managed environments, administrators must download, install and enable the group policy from the following address.
- Download for Windows 11, version 24H2 – Windows 11 24H2 and Windows Server 2025 KB5053656 250412_03103 Known Issue Rollback
Microsoft is working on a final solution that will be rolled out with a future Windows update.
Similar articles:
Microsoft Security Update Summary (April 8, 2025)
Patchday: Windows 10/11 Updates (April 8, 2025)
Patchday: Windows Server-Updates (April 8, 2025)
Windows 10/11: April 2025 updates create "inetpub" folder
Windows 11 24H2/Server 2025: Hello login fails after April 2025 updates
Advertising
