A recent update has caused an unexpected and potentially disruptive issue for businesses relying on Windows Server 2022. The release of KB5044284, initially labeled as a security update, has inadvertently upgraded some servers from Windows Server 2022 to Windows Server 2025. This automatic upgrade has led to licensing, operational, and compatibility issues for many businesses who were not prepared for such a transition.
An Update Nobody Asked For
For many businesses, including those managing their patching process meticulously, the overnight upgrade came as an unpleasant surprise. IT admins have found that KB5044284 appears differently across various systems and environments. For some, it’s listed as a “Security Update,” while for others, particularly when managed through third-party tools, it’s classified as an “Upgrade.”
One user on Reddit, u/Fatboy40, shared their experience:
“Arriving at work this morning...all of our Windows 2022 Servers had either upgraded themselves to 2025 overnight or were about to do so. This obviously came as a shock as we're not at the point to do so for many reasons, and the required licensing would not be present.” – source
Such unanticipated upgrades have left businesses scrambling to manage the fallout, especially since Windows Server 2025 licensing requirements mean that affected systems may soon be non-compliant if they lack proper licensing. The general consensus on Reddit was that Microsoft needed to get their act together. I, however, prefer Morty's response.
Role of Patch Management Systems
Another layer of complexity arises from how third-party patch management systems interpret this update. In many instances, the update was misclassified as an OS upgrade rather than a security update. This misclassification led to systems auto-approving the update as part of their standard patching routines. u/Celikooo, another Reddit user, observed that:
“According to WSUS, KB5044284 is only available for 2025 servers. It is declared as a Security Update. It is most likely not upgrading the OS from 2022->2025. However, the OP apparently configured Heimdal in a way to install all updates...which most probably caused the servers to update to 2025.” – source
This highlights how the classification discrepancies between Microsoft and third-party tools can lead to unexpected outcomes, even when administrators believe their settings are secure.
Avoiding Unwanted Upgrades
For IT teams and businesses managing Windows Servers, a few immediate actions can help mitigate this risk:
Review Patch Management Settings: Double-check settings in tools like Heimdal, WSUS, or other RMM systems to ensure that “Feature” or “Upgrade” classifications aren’t being inadvertently approved for server environments.
Set up Exclusions for Critical Systems: For businesses not ready for Server 2025, setting up exclusions for KB5044284 can help prevent it from installing until the issue is fully resolved.
Monitor Microsoft’s Official Communications: Microsoft may address this issue with additional patches or reclassifications. Staying informed about any updates can help prevent further disruptions.
256 Solutions saw this issue early this morning and blocked this update through our RMM platform to prevent these updates from moving forward.
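One way to carry out the review and exclusion steps above on an individual server, as an added example that is not from the original article or from any vendor's tooling: the script lists updates the local Windows Update Agent is currently offering, flags KB5044284 and anything classified as an upgrade, and can hide them locally. The classification names in $UpgradeClasses and the title check are assumptions; hiding only affects the local agent, so a third-party tool's own approval rules still need reviewing.

```powershell
# Added example: audit pending Windows updates on one server (run elevated).
# $BlockedKb comes from the article; $UpgradeClasses is an assumed list of
# classification names to treat as OS or feature upgrades.
param(
    [string[]]$BlockedKb      = @('5044284'),
    [string[]]$UpgradeClasses = @('Upgrades', 'Feature Packs'),
    [switch]$Hide             # when set, hide matching updates locally
)

$os = Get-CimInstance -ClassName Win32_OperatingSystem
Write-Output ("Current OS: {0} (build {1})" -f $os.Caption, $os.BuildNumber)

# Windows Update Agent COM API: updates offered to this host, not yet installed.
$session  = New-Object -ComObject Microsoft.Update.Session
$searcher = $session.CreateUpdateSearcher()
$pending  = $searcher.Search('IsInstalled=0 and IsHidden=0').Updates

$findings = foreach ($update in $pending) {
    $kbs     = @($update.KBArticleIDs)
    $classes = @($update.Categories |
                 Where-Object { $_.Type -eq 'UpdateClassification' } |
                 ForEach-Object { $_.Name })

    $kbHit    = @($kbs | Where-Object { $BlockedKb -contains $_ }).Count -gt 0
    $classHit = @($classes | Where-Object { $UpgradeClasses -contains $_ }).Count -gt 0
    # Assumed heuristic: the title names Server 2025 but this host is not 2025.
    $titleHit = ($update.Title -match 'Windows Server 2025') -and
                ($os.Caption -notmatch '2025')

    $reasons = @(
        if ($kbHit)    { 'blocked KB' }
        if ($classHit) { 'upgrade classification' }
        if ($titleHit) { 'title names Server 2025' }
    )
    if ($reasons.Count -gt 0) {
        if ($Hide) { $update.IsHidden = $true }   # needs an elevated session
        [pscustomobject]@{
            Title          = $update.Title
            KB             = $kbs -join ','
            Classification = $classes -join ','
            Reason         = $reasons -join '; '
            Hidden         = [bool]$update.IsHidden
        }
    }
}

if ($findings) { $findings | Format-Table -AutoSize -Wrap }
else { Write-Output 'No blocked KB or upgrade-class update is pending.' }
```

Run it without -Hide first to see what would be affected, and compare the Classification column with what the patch management console shows for the same update.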