September 2025 Update KB5065426 causes issues with large AD environments

Posted on 2025-10-16 by guenni

Bug[German]A feature change causes administrators of large Active Directory environments to encounter problems when installing the September 2025 update KB5065426 for Server 2025. However, there is a workaround.

Windows Server 2025 Update KB5065426

On September 9, 2025, Microsoft released security update KB5065426 for Windows Server 2025 (see Patchday: Windows Server-Updates (September 9, 2025)). This update rolled out numerous fixes and changes, which are listed in the linked support article.

However, the Known Issues section of this support article also contains a list of known problems:

  • Errors with PSDirect connections in hot patch devices
  • SMBv1 protocol connectivity
  • Active Directory replication
  • Directory synchronization (DirSync)

Details can be found in the linked support article.

Problem with AD directory synchronization

The entry Directory synchronization (DirSync) listed above refers to a newly documented issue (via). According to the entry Directory synchronization fails for AD security groups exceeding 10,000 members in the Known Issues section of the Windows Server 2025 Release Health Dashboard dated October 14, 2025, there are issues with security update KB5065426.

Applications that use Active Directory directory synchronization (DirSync) for local Active Directory Domain Services (AD DS), such as when using Microsoft Entra Connect Sync, may result in incomplete synchronization of large AD security groups with more than 10,000 members.

This issue only occurs on Windows Server 2025 after installing the September 2025 Windows security update (KB5065426) or later updates. Affected customers can open the following registry key to disable the feature change.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Policies\Microsoft\FeatureManagement\Overrides

Set the 32-bit REG_DWORD value 2362988687 to 0. Microsoft points out that any changes to the registry are made at your own risk. Microsoft is investigating the problem and plans to release a patch in due course.

Similar articles:
Microsoft Security Update Summary (September 9, 2025)
Patchday: Windows 10/11 Updates (September 9, 2025)
Patchday: Windows Server-Updates (September 9, 2025)
Patchday: Microsoft Office Updates (September 9, 2025)

AutoCAD, Firefox, SAP requests admin rights after Windows August 2025 updates (MSI error 1730) 
Microsoft confirms UAC issue in Windows after August 2025 update
Windows 10/11: Aug. 2025 updates cause streaming problems

This entry was posted in issue, Windows and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).