Why Windows Server 2025 Auto‑Upgraded Your 2022 Servers—and How to Fix It

Windows Server 2025 – Core Release Highlights

Microsoft released Windows Server 2025 as the successor to Server 2022. Key technical improvements include:

Security hardening : Enhanced Active Directory protection, new encryption algorithms, stricter default firewall rules, and mitigations against SMB‑based attacks (brute‑force, spoofing, man‑in‑the‑middle).

Hybrid‑cloud integration : Azure Arc is built‑in for unified network‑policy management and multi‑site deployments.

Hot‑patch subscription : Optional paid service that applies patches without reboot, reducing downtime for on‑premises servers.

AI/ML workload performance : Storage IOPS claimed to be up to 60 % higher than Server 2022, leveraging Azure‑scale performance optimisations.

Feature deprecations : Windows PowerShell 2.0, IIS 6 management console, legacy SMTP service, and VBScript (now on‑demand) are removed.

Known Issues in the Initial Release

During installation from CD/USB the UI always displays English text, regardless of the selected language.

Servers with more than 256 CPU cores may experience installation or upgrade failures, prolonged reboots (>3 h), or blue‑screen errors. The workaround is to limit the core count to ≤256 during install.

After installation, iSCSI boot environments can report a “boot device not accessible” error.

Unexpected Automatic Upgrade from Server 2022 to Server 2025

Within days of launch, many administrators reported that Windows Update automatically upgraded their Server 2022 machines to Server 2025. The upgraded systems were left in an unactivated state because no Server 2025 licenses, cores, or RDP entitlements had been purchased.

Investigation by the security firm Heimdal identified the root cause: the Windows Update metadata incorrectly classified the Server 2025 upgrade as KB5044284, a knowledge‑base entry that belongs to Windows 11. Because the KB was distributed to all managed servers, the upgrade was pushed unintentionally.

Impact

Unlicensed Server 2025 installations requiring immediate purchase of new licenses.

Operational disruption for organizations that need to roll back to Server 2022 or prevent further automatic upgrades.

Mitigation Steps

Restore affected servers from known‑good backups to revert to Server 2022.

Block the offending update via Group Policy or WSUS by disabling KB5044284.

gpedit.msc → Computer Configuration → Administrative Templates → Windows Components → Windows Update → Do not include drivers with Windows Updates → Enabled

(or the equivalent setting in your patch‑management solution).

Monitor Microsoft’s update channels for a corrected metadata release that re‑classifies the upgrade correctly.

Technical References

Discussion threads documenting the issue:

Reddit: https://www.reddit.com/r/sysadmin/comments/1gk2qdu/windows_2022_servers_unexpectedly_upgrading_to/

Level1Techs forum: https://forum.level1techs.com/t/server-2022-offering-upgrade-to-2025/219612

The Register article: https://www.theregister.com/2024/11/06/windows_server_2025_surprise/