MS-DEFCON 2: Recapping the news

By Susan Bradley

 

Despite the headlines and my caution last week about lowering the MS-DEFCON level too far, another wave of patches is right around the corner.

 

Accordingly, I’m raising the MS-DEFCON level to 2.

 

This is not different from any other month’s recommendation — I always suggest deferring patches before any Patch Tuesday while we test and evaluate Redmond’s monthly gifts to learn whether we’re headed for tranquility or havoc. Due to the KB5063878 headlines, you’re probably being careful anyway. It’s become controversial.

 

Shortly after KB5063878 became available, reports of serious problems with SSDs emerged. I decided to do my own research. I even gritted my teeth and called upon Perplexity.ai for help. Here is what I found, along with my take on each matter.

SSD failures

Many users report SSDs becoming inaccessible, unrecognizable, or converting to RAW format after installing the update.

 

I’m not seeing widespread verification of this problem. I have installed this update on all my computers without any side effect.

Data corruption

Large read/write operations can cause data corruption, leading to file system errors and loss of data integrity on affected SSDs.

 

SSDs can spontaneously fail for a variety of reasons. I always recommend regular backups of your drives to deal with any catastrophic event. Meanwhile, ongoing reports of corruption are inconclusive, with other testers failing to duplicate the problem.

Inability to uninstall

Some users find that the update cannot be uninstalled, further compounding the issue if the system becomes unstable.

 

This is absolutely incorrect. All security updates can be uninstalled. The reports I’ve seen on this have consistently used the wrong command to uninstall updates, one that is no longer supported in Windows 11. I explain this below. Note that this is different from Windows feature releases, such as updating from 23H2 to 24H2, which cannot be uninstalled after ten days.

Vanishing drive

SSDs may disappear from File Explorer or show as missing partitions after the update, often requiring advanced recovery tools to restore functionality.

 

This does appear to be happening, but I’ve seen many more reports that the disappearing drive comes back after a reboot, without special tools. Either way, I see no evidence that this is a widespread problem.

Enterprise and personal systems affected

Both enterprise deployments and individual users have reported failed installations or corrupted drives, with no consistent official fix yet available.

 

My research does not indicate that this has happened in enterprise deployments.

No fix

There is not yet a consistent official fix.

 

Microsoft quickly reported that it was investigating the problem. It then said it could find no connection with KB5063878 and could not duplicate the problem. Phison, the Taiwanese manufacturer of SSD controllers identified as contributing to the problem, said the same.

 

Perplexity hinted that Microsoft was working on a fix. There is no evidence to support that claim, and I consider it an AI hallucination. It’s not yet clear whether a fix is needed.

 

We asked Microsoft for a further statement and received this reply from a spokesperson:

 

After thorough investigation, we have found no connection between the August 2025 update and the types of hard drive failures reported on social media. As always, we continue to monitor feedback after the release of every update and will investigate any future reports. If you experience issues after installing Windows updates, please contact Support for Business or use the Feedback Hub app to send us your report.

Uninstalling security updates

To remove any security update, do the following:

 

 

See Figure 1.

 

Figure 1. A patch can be removed from the command line with dism.

 

There is a way to hide an update, which then prevents it from automatically reinstalling. It’s the Windows Update Show Hide tool (WUShowHide, a troubleshooter download from Microsoft). See Figure 2.

 

Figure 2. WUShowHide allows individual updates to be hidden, which prevents Windows from installing them.

 

I like this tool because of its convenient and clear user interface. But it’s also obvious from Figure 2 that Microsoft is retiring the tool. It will probably remain available from download sites in the future, including our own BlockAPatch.com site.

 

When downloading WUShowHide, you will be confronted by various security challenges — depending upon the browser being used. All provide a “keep” option that will allow you to download the troubleshooter despite the warnings.

 

There are other patch-removal solutions. If interested, I’ll discuss them in the forum.

Consumers

In the August updates, Microsoft acknowledged an issue with the Network Device Interface (NDI) for streaming or transferring audio/video feeds between PCs after installing the August 2025 Windows security update (KB5063878). The issue affects streaming apps, including OBS (Open Broadcaster Software) and NDI Tools, especially when “Display Capture” is enabled on the source PC. The problem persists even under low-bandwidth conditions.

 

NDI recommends manually changing the NDI Receive Mode to use TCP or UDP instead of RUDP. For steps to do this, see the NDI support-site article Traffic Drops After Windows Update.

 

Although I am still not convinced that KB5063878 for Windows 11 24H2 is the horrific data-destroying patch described by the news media, I don’t blame you for being concerned. The reassurance I can offer at this point is that the patch applies only to Windows 11 24H2 (not 23H2 or Win10 22H2), is not widespread, and is very hard to duplicate.

 

Don’t panic. Perform your normal backup. Be cautious if you have a 2TB or larger SSD. I’ll be discussing the problem further in Monday’s newsletter.

Businesses

The upcoming September updates will include a new setting for backing up workstation settings to Microsoft. Microsoft has indicated that the September updates for Windows 11 and Windows 10 will now include Windows Backup for Organizations. It provides seamless device transitions with enterprise-grade backup and restore. Whether you’re refreshing your organization’s devices, upgrading to Windows 11, or deploying AI-powered PCs, this solution helps sustain productivity with minimal disruption, ensuring business continuity and organizational resilience.