Microsoft blames unexpected Windows driver updates on caching issue
Microsoft fixes Windows driver caching issue causing unexpected updates despite admin policies.
Summary
Microsoft resolved a Windows Update caching service misconfiguration that caused enrolled devices to be treated as non-enrolled, allowing driver updates to bypass administrator policies preventing auto-updates. The company confirmed all affected drivers were Microsoft-signed and posed no security threat, but admins reported tens of thousands of devices receiving unexpected BIOS and driver updates that caused audio and video failures. Microsoft has committed to reviewing the caching service logic to improve detection and prevention of similar issues.
Full text
Microsoft blames unexpected Windows driver updates on caching issue By Sergiu Gatlan June 4, 2026 09:41 AM 0 On Wednesday, Microsoft fixed an issue that caused some Windows devices to install driver updates without notice despite policies configured to prevent auto-updates. In an admin center incident report (MO1332784), Microsoft blamed the issue on a misconfiguration in the Windows Update caching service that temporarily dropped device enrollment information, causing some Windows devices to be treated as non-enrolled and preventing driver-approval controls from being applied correctly. The Intune Support Team also acknowledged the issue on Twitter and Reddit, saying the company was actively working to mitigate it. "We've received a report of an issue where users' Windows devices that have configured policies to prevent auto updates are installing drivers," Microsoft said when it acknowledged the issue on Tuesday afternoon, June 2. "As we work to remediate the impact, we've determined that the drivers being installed are Microsoft approved/signed and that they don't pose a security threat." Microsoft updated the affected service cache and the enrollment status for affected devices to mitigate the impact and, in a Wednesday update, confirmed that the issue had been resolved. "We've validated that this issue is resolved following impact remediation confirmation from a subset of previously affected users," it added. "We're continuing to review how this caching service temporarily dropped Windows device enrollment information to better inform how to detect, prevent, and respond to similar service issues in the future." While the company has yet to share how many regions or customers were affected by this issue, Windows admins have reported having to deal with tens of thousands of devices unexpectedly getting BIOS and driver updates, in many cases causing audio or video devices to stop functioning. In April, Microsoft resolved a known issue causing systems running Windows Server 2019 and 2022 to upgrade to Windows Server 2025 "unexpectedly." Last month, Microsoft also addressed a bug that installed driver updates on some Autopatch-managed Windows 11 devices across the European Union, even when administrative policies were configured to restrict driver deployment. Test every layer before attackers do Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection. Get the whitepaper Related Articles: Microsoft fixes Windows Autopatch bug installing restricted driversMicrosoft: Domain Controller lookup may fail on Windows Server 2016Microsoft fixes KB5089549 Windows security update install issuesMicrosoft confirms April Windows updates cause backup failuresMicrosoft plans to improve Windows 11 driver quality in 2026