Here is a summary of the situation based on your provided article and corroborated by reputable sources: Issue:
Windows Server 2025 domain controllers could become unreachable after a restart.
Cause: After reboot, the server incorrectly applies the default firewall profile rather than the domain network profile.
Result: Application/service disruptions, unreachable network ports, and potentially blocked or exposed ports.
Fix:
Microsoft addressed this in the KB5060842 security update (June 2025 Patch Tuesday).
Applying this update ensures the correct firewall profile loads after a restart.
Temporary Workaround:
If the update cannot be applied immediately, you can use the command in PowerShell: Restart-NetAdapter *
This will reload the network adapter and apply the correct profile.
Note: This action must be repeated after every restart until the update is installed, because the problem returns after each reboot.
Additional Note:
Microsoft also resolved a separate issue impacting Windows Hello logins after installing KB5055523 (April 2025), especially affecting devices with Credential Guard and Kerberos PKINIT pre-authentication.
Action Steps:
If you run Windows Server 2025 domain controllers, apply KB5060842 as soon as possible.
If delay is unavoidable, use the PowerShell workaround after every restart until the update is applied.