Microsoft Fixes Windows Update Bug That Installed Drivers Despite Blocked Policies

Microsoft has resolved a Windows Update issue that caused some Windows devices to install driver updates even when administrators had configured policies to block automatic updates.

Microsoft says caching misconfiguration triggered unexpected driver installs

The issue was tracked in the Microsoft 365 admin center under incident ID MO1332784. According to Microsoft, the problem came from a misconfiguration in the Windows Update caching service, which temporarily caused some affected devices to lose their enrollment information.

Because those devices no longer appeared as enrolled, Windows treated them as unmanaged systems. As a result, driver approval controls did not apply correctly, and driver updates could install unexpectedly.

Microsoft restores enrollment data and resolves the issue

Microsoft acknowledged the issue on Tuesday, June 2, after reports that some managed Windows devices were receiving drivers despite update restrictions. The company said it reviewed the installed drivers and confirmed they were Microsoft-approved and signed, meaning they did not pose a security threat.

The company later mitigated the problem by updating the affected service cache and restoring enrollment status for affected devices. Microsoft confirmed on Wednesday that the issue had been resolved after validating the remediation with some previously affected users.

Managed Windows environments may have been affected

The incident could have affected organizations that rely on Windows Update policies to control driver deployment across managed devices. For IT administrators, the issue may have created confusion because devices appeared to bypass configured restrictions without a local policy change.

Microsoft has not said how many customers were affected. It also has not disclosed whether the problem hit specific regions, device types, or management configurations more heavily than others.

Microsoft continues probe into root cause of policy failure

The company said it is still investigating how the Windows Update caching service dropped enrollment information in the first place. That investigation should help Microsoft prevent similar policy enforcement failures in future Windows Update servicing flows.

The fix comes as Microsoft continues to make broader Windows changes. The company recently released new Windows 11 Insider ISO files for testers, introduced new Kerberos features designed to reduce NTLM dependency, and said it does not plan to take action against security researchers following backlash over a recent vulnerability disclosure dispute.

Via BleepingComputer