Full Report
Microsoft has confirmed that this month's security updates disable USB mice and keyboards in the Windows Recovery Environment (WinRE), making it unusable. [...]
Analysis Summary
# Vulnerability: USB Input Failure in Windows Recovery Environment (WinRE) Post-October Updates
## CVE Details
- CVE ID: Not specified in the article (This is a known issue/regression, not a typical security vulnerability)
- CVSS Score: N/A (Regression/Bug)
- CWE: N/A
## Affected Systems
- Products: Windows 11 (24H2, 25H2), Windows Server 2025
- Versions: Systems updated with the October 2025 security updates, specifically KB5066835.
- Configurations: Any system using wired USB mice or keyboards when accessing the Windows Recovery Environment (WinRE).
## Vulnerability Description
Microsoft confirmed a regression introduced by the October 14, 2025 cumulative security updates (KB5066835). This update causes wired USB input devices (mice and keyboards) to cease functioning correctly within the Windows Recovery Environment (WinRE). While input devices work normally within the fully booted Windows OS, this failure prevents users from navigating recovery options necessary for troubleshooting or repairing the operating system if Windows fails to start.
## Exploitation
- Status: Not applicable/Regression (Not a security exploit)
- Complexity: Not applicable
- Attack Vector: Not applicable (System functionality failure)
## Impact
- Confidentiality: Low (Indirect risk if recovery is necessary)
- Integrity: Medium (Prevents necessary operating system repair functions)
- Availability: High (Loss of ability to access and repair the OS via standard recovery methods)
## Remediation
### Patches
- A fix is confirmed to be in development, expected to be released "over the coming days" from the time of the article (Oct 20, 2025). No specific patch KB is listed yet.
### Workarounds
1. **Use Bluetooth wireless mice and keyboards:** These functional alternatives bypass the USB driver issue in WinRE.
2. **Use PS/2 connector input devices:** Older PS/2 keyboards/mice are reported not to be affected.
## Detection
- **Indicators of Compromise:** Inability to move the cursor or type when accessing troubleshooting/repair modes (WinRE).
- **Detection methods and tools:** Observing hardware behavior specifically after booting into the Windows Recovery Environment post-update.
## References
- Vendor Advisory (KB Information): support dot microsoft dot com/help/5066835
- Vendor Advisory (Issue Confirmation): Microsoft Windows release health dashboard update on Friday (October 17/18, 2025)