Full Report
Microsoft has released emergency Windows out-of-band updates to resolve a known issue breaking reset and recovery operations after installing the August 2025 Windows security updates. [...]
Analysis Summary
# Vulnerability: Emergency Fixes for Windows Recovery Component
Due to an emergency situation, Microsoft released non-security out-of-band (OOB) updates to address an unspecified issue potentially affecting the Windows Recovery environment. Specific CVEs, severity details, and full technical descriptions are *not* provided in this summary, as the update is labeled as "non-security."
## CVE Details
- CVE ID: Not specified in the context (Non-security OOB Update)
- CVSS Score: Not specified
- CWE: Not specified
## Affected Systems
- Products: Windows operating systems including Windows 11 (23H2, 22H2, 24H2), Windows 10 (22H2), Windows 10 Enterprise LTSC 2021/IoT Enterprise LTSC 2021, and Windows 10 Enterprise LTSC 2019/IoT Enterprise LTSC 2019.
- Versions: Specific versions contingent on the Windows build being used.
- Configurations: Devices that have not yet installed the August 2025 Windows security update are specifically targeted by this OOB replacement update.
## Vulnerability Description
Microsoft released an emergency, non-security Out-of-Band (OOB) cumulative update to address an issue related to the **Windows Recovery** component. The exact nature of the flaw requiring emergency remediation is not detailed publicly as a security vulnerability (no CVE assigned in this context), suggesting it might disrupt recovery functionality or operation rather than create an immediate remote exploit risk.
## Exploitation
- Status: Unknown. The update is classified as "non-security," potentially indicating the issue was either a functional bug or a vulnerability that, while critical enough for an OOB fix, was not immediately associated with active exploitation or severe security risk requiring a CVE assignment upon release.
- Complexity: Not specified.
- Attack Vector: Not specified.
## Impact
- Confidentiality: Unknown/Not specified (Likely Low if non-security related)
- Integrity: Unknown/Not specified
- Availability: Potentially high if the recovery mechanism was rendered unusable.
## Remediation
### Patches
**Note:** These OOB updates supersede previous updates for affected versions.
| KB Article | Affected Products |
| :--- | :--- |
| **KB5066190** | Windows 11 (23H2, 22H2, 24H2) |
| **KB5066188** | Windows 10 (22H2), Windows 10 Enterprise LTSC 2021, Windows 10 IoT Enterprise LTSC 2021 |
| **KB5066187** | Windows 10 Enterprise LTSC 2019, Windows 10 IoT Enterprise LTSC 2019 |
### Workarounds
If a device is *not* affected by the issue, Microsoft states that installation of this OOB update is not necessary.
**Related Fixes Mentioned:**
1. A **Known Issue Rollback (KIR)** fix was also deployed to address Windows update failures when running the Windows Update Standalone Installer (WUSA) from network shares.
2. A fix was deployed for the **0x80240069** error that caused August 2025 cumulative updates to fail on Windows 11 24H2 systems delivered via WSUS after installing KB5063878.
## Detection
- Detection is focused on the installation status of the specific KB articles listed above.
- Devices that have *not* installed the August 2025 security update should prioritize the installation of the corresponding OOB update (KB5066190, KB5066188, or KB5066187).
## References
- Vendor Advisory (General Context): Microsoft releases emergency updates to fix Windows recovery
- Patch KB Reference (KB5066190): support dot microsoft dot com/topic/a548921f-503a-467a-b0bc-968a856673f4
- Patch KB Reference (KB5066188): support dot microsoft dot com/topic/decbec0f-fddb-4dc0-b91b-ed59001ce0d8
- Patch KB Reference (KB5066187): support dot microsoft dot com/topic/57a2518a-df8b-440d-9f1e-d7cd4a4af4d8
- Microsoft Update Catalog: catalog dot update dot microsoft dot com/home dot aspx