NDI Streaming Breaks After August 2025 Windows Update: Fix by Switching NDI Transport

Microsoft has confirmed that its August 2025 security updates can break NDI-based streaming on affected Windows PCs, producing severe stutter, dropped frames, and choppy audio/video when Network Device Interface (NDI) is used with its default Reliable UDP (RUDP) transport — a regression that hits production workflows using OBS, NDI Tools and similar capture stacks and that currently has only an interim workaround while Redmond investigates.

Background / Overview​

NDI (Network Device Interface) is a widely adopted IP video transport standard used across broadcast, live production, corporate events, e‑sports and content‑creation workflows. It lets multiple PCs and devices exchange high‑quality, low‑latency video and audio over commodity Ethernet, which is why multi‑PC capture rigs, encoder boxes and monitoring machines frequently rely on it. The NDI 5 family uses a Reliable UDP (RUDP) transport by default to marry UDP’s low latency with TCP‑like reliability.
On August 12, 2025 Microsoft released its monthly cumulative security updates. The Windows 11 24H2 cumulative is packaged as KB5063878 (OS Build 26100.4946) and the Windows 10 rollups include KB5063709 for relevant 21H2/22H2 SKUs. Within days, live‑production users began reporting persistent NDI stutter and audio/video sync failures on systems that installed those updates. Microsoft logged the symptom set on its Windows Release Health channels and provided a recommended mitigation: change NDI’s Receive Mode away from RUDP to either Single TCP or legacy UDP while an investigation proceeds.

---

What’s actually breaking: symptoms and fingerprints​

The reported failure mode is distinctive and consistent across independent reports: real‑time NDI flows freeze, stutter or drop frames in patterns consistent with transport‑level retransmission or queuing problems, and audio frequently slips out of sync with video. Affected setups most commonly show the problem when Display Capture (screen capture) is used as a source in OBS or similar capture apps and NDI is employed to send that capture to another machine for encoding or mixing. In many cases the issue occurs even on low‑bandwidth LANs where available capacity is not the bottleneck. (bleepingcomputer.com, neowin.net)
Key fingerprints reported by multiple independent observers:

• Stutter and frame drops in sustained patterns rather than one‑off glitches.
• Audio drift relative to video, indicating repeated retransmissions or buffering anomalies.
• Reproducible correlation with presence of the August cumulative (notably KB5063878 / KB5063709) on the source or receiving hosts.
• Behavior tied to RUDP: switching away from RUDP eliminates the fault in most reported cases, pointing to a transport interaction rather than an NDI app bug. (bleepingcomputer.com, docs.ndi.video)

These observations are the primary load‑bearing facts for the incident: the update correlates with a reproducible regression, vendors and Microsoft acknowledge it, and there is a usable but imperfect mitigation.

---

Technical primer: RUDP, UDP and TCP in NDI​

Understanding the tradeoffs behind the interim mitigation is essential for production teams.

• RUDP (Reliable UDP) — used by NDI 5 as the default — implements sequencing, retransmission, flow control and congestion handling on top of UDP semantics. It is a compromise: it seeks low latency while recovering from packet loss without incurring TCP’s strict in‑order head‑of‑line blocking. The NDI white papers describe RUDP as designed specifically for real‑time multimedia delivery.
• UDP (Legacy) — simple datagrams with minimal overhead and no retransmission guarantee. On stable, low‑loss LANs UDP provides the lowest latency, but lost packets will degrade quality with no recovery.
• Single TCP — a reliable, ordered byte stream that guarantees delivery and ordering but is susceptible to head‑of‑line blocking under packet loss, which can raise latency in real‑time scenarios.

RUDP’s complexity relies on tight interactions with the OS networking stack and predictable socket semantics. When an OS update alters timing, socket buffering, scheduling, or packet handling behavior, application‑level reliability overlays like RUDP can exhibit retransmission storms, queuing, or starvation that show up as the stutter and drift users are seeing. Multiple industry reports and vendor notes point precisely at that interaction. Microsoft and NDI have therefore advised changing the transport as an immediate workaround while the root cause is investigated.

---

Microsoft’s acknowledgment and the official guidance​

Microsoft has posted an advisory on its Windows release health channels acknowledging that the August 2025 security updates can cause severe stuttering, lag and choppy audio/video when NDI is used with its default RUDP transport, and that the problem is especially visible when Display Capture is enabled on the source PC. Microsoft’s published KB and Windows Release Health material list the relevant update packages and note that engineering is investigating the issue.
NDI’s own documentation — and statements from the NDI team — confirm that the regression appears only with RUDP connections; traffic sent using UDP or Single TCP remains unaffected in reported tests. Based on that verification, NDI recommended (and Microsoft linked to) an immediate change to the NDI Access Manager configuration: set Receive Mode to Single TCP or UDP (Legacy) on affected receivers. The NDI Access Manager’s Advanced tab is where the change is performed and NDI apps must be restarted to pick up the new configuration.

---

Step‑by‑step mitigation (practical, immediate)​

For teams needing a quick, practical fix to restore show continuity, the vendor/microsoft recommended path is to change NDI’s receive transport. The steps are:

• Download and install NDI Tools on the receiving machine (if not already present).
• Launch NDI Access Manager.
• Open the Advanced tab.
• Under Receive Mode, select Single TCP or UDP (Legacy) instead of RUDP.
• Click OK to save.
• Restart all NDI‑receiving applications (OBS, Studio Monitor, vMix, etc.) to force them to read the new configuration.
• Repeat the change on every affected receiving machine in the NDI flow. (docs.ndi.video, neowin.net)

Operational notes and caveats:

• Single TCP is the safest cross‑network fallback and generally eliminates the stutter, but it can increase end‑to‑end latency and be vulnerable to head‑of‑line blocking when packets are lost.
• UDP (Legacy) preserves lower latency on stable LANs but drops NDI’s retransmission and windowing benefits; it’s acceptable in controlled, low‑loss environments.
• NDI apps only read the Access Manager configuration at startup, so live reconfiguration without restarts is usually not possible. Plan change windows carefully.

---

The rollback option and its risks​

Some production teams have considered uninstalling the August cumulative update to restore prior behavior. That is a blunt tool and should be a last resort:

• Security tradeoffs — rolling back a monthly cumulative removes the security fixes included in the LCU/SSU. Those patches close vulnerabilities that may be publicly known; operating without them increases exposure.
• Reinstall risk — Windows Update may reinstall the cumulative automatically or push it again later, creating a maintenance burden and operational churn.
• Management complexity — enterprise environments using WSUS, Intune, or SCCM need coordinated rollback procedures and compensating controls, including documenting exception approvals and timelines.

Where rollback is the only operational option (for instance, when remote contributors cannot be reconfigured and a live broadcast must proceed), document the decision, stage the rollback in a maintenance window, and reintroduce compensating security controls (perimeter filtering, VPN isolation, strict inbound firewalling) until a permanent Microsoft fix is available.

---

Broader context: August 2025 rollups have produced multiple regressions​

This NDI regression did not occur in isolation. Community reporting and vendor test benches flagged other serious regressions after the August 2025 rollups, including:

• WSUS delivery failures producing 0x80240069 install errors for some enterprise channels (Microsoft issued mitigation guidance).
• NVMe/SSD regressions where some drives temporarily disappeared under sustained writes in specific controller and firmware combinations; that prompted vendor investigations and cautious operational advice to avoid heavy sequential writes until fixes were available.

The co‑occurrence of multiple regressions in one cumulative window underlines two points: first, modern OS cumulative rollups touch diverse subsystems and can expose interactions with specialized workloads; second, production operators should maintain staged deployment policies and strong rollback/playbook readiness.

---

Why RUDP regressions are especially painful for live production​

Real‑time production demands predictable latency and continuity. When an operating system change subtly alters socket timing or buffering semantics, the application‑layer reliability logic inside RUDP can oscillate between retransmitting aggressively and queuing data, producing the observable stutters and audio drift. That is more damaging than a simple app crash because it corrupts the live viewer experience in ways that are hard to mask or correct on the fly.
Key operational impacts:

• Lip‑sync errors and perceptible jitter that ruin a live broadcast.
• Multi‑camera switching errors and encoder mismatch leading to lost ad breaks or missed cues.
• Last‑minute operational firefighting when remote contributors cannot be reconfigured quickly.
  These failure modes raise the incident from a niche bug to an outage risk for broadcasters and corporate events.

---

Practical checklist for creators, engineers and IT teams​

• Detect — Confirm whether KB5063878 / KB5063709 is installed (run winver, check Settings > About, or query Get‑HotFix/Update history).
• Mitigate — If impacted, change NDI Receive Mode to Single TCP or UDP (Legacy) using NDI Access Manager and restart NDI apps.
• Test — Run a sustained 10–15 minute end‑to‑end test in the exact capture mode planned for the show (Display Capture, game capture, webcams, overlays). Record latency, frame consistency, and audio sync.
• Coordinate — Notify remote guests and partners of configuration changes and get acknowledgement before shows. For distributed teams, script or push the %programdata%/NDI/ndi-config.v1.json change via configuration management tools where appropriate.
• Hold updates — Pause automatic approval of the August cumulative in production rings until Microsoft publishes a fix or Known Issue Rollback (KIR). Use pilot rings to validate any reintroduction.
• Plan fallback — If reversion is required, document compensating security measures and a timeline for reinstalling the security update once Microsoft releases the remediation.

---

How Microsoft and vendors have responded — and where transparency could improve​

Strengths:

• Microsoft and NDI published a practical, reversible mitigation quickly, enabling many teams to restore operations without uninstalling critical security updates. That fast advisory reduced immediate risk for producers. (neowin.net, docs.ndi.video)

Weaknesses and open questions:

• At the time of writing, Microsoft has not published a detailed technical root cause explaining which network stack change triggered the RUDP failure. That lack of a line‑by‑line diagnosis leaves systems engineers guessing about related regressions or residual risk.
• The presence of multiple regressions in the same cumulative window (storage, WSUS delivery, NDI transport) suggests gaps in cross‑stack validation for specialized workflows such as high‑throughput AV stacks. Independent voices are urging expanded test matrices for media workloads.

Until Microsoft publishes a permanent fix and explicit technical notes, organizations must rely on conservative rollout policies and robust pilot testing across the exact capture and network conditions they run in production.

---

Risk assessment: what to do now (decision guide)​

• Small‑scale creators (single‑PC streaming): Most single‑PC setups that encode locally to a platform are unlikely to be impacted; if you use NDI multi‑PC workflows, apply the NDI Receive Mode change and validate latency/quality in a private test stream before going live.
• Mid‑sized studios and event producers: Pilot the NDI transport change across a small subset of encoder and monitoring machines, validate end‑to‑end, and then push the change widely. Maintain a rollback procedure with documented compensating security controls if uninstalling the cumulative becomes necessary for any remote participant.
• Enterprise broadcast operations: Hold KB5063878 in test rings until Microsoft publishes a KIR or an LCU that addresses the regression. Coordinate with vendor support (NDI, OBS, vMix) for end‑to‑end patch validation and insist on explicit test cases for RUDP and Display Capture scenarios before approving reintroduction to production fleets.

---

What to expect next and the likely timeline​

Microsoft has formally acknowledged the issue and said engineering teams are investigating. Historically, Microsoft’s remediation cadence for high‑impact regressions ranges from a few days (via Known Issue Rollback or targeted KIR) to several weeks (for a tested cumulative replacement) depending on repro rate, severity, and complexity of the fix. Given the commercial impact on broadcasters, expect Microsoft to prioritize a fix, but do not rely on immediate timelines — continue to operate under the safe assumption that the transport workaround may be required for the near term.

---

Final analysis and takeaways​

This incident is a textbook example of how modern OS updates can unintentionally affect niche but economically important workflows. The core facts are straightforward and corroborated across vendor documentation and independent reporting: the August 2025 cumulative updates (notably KB5063878 for Windows 11 and KB5063709 for Windows 10 SKUs) correlate with reproducible NDI RUDP failures that manifest as severe stuttering and audio/video disruption; Microsoft and NDI recommend switching receive transport to Single TCP or UDP (Legacy) as an interim mitigation while a permanent fix is developed. (support.microsoft.com, docs.ndi.video)
Strengths of the response so far include rapid publication of an actionable mitigation that preserves security updates while restoring many production flows. The primary risk is that the mitigation trades latency and reliability characteristics — Single TCP introduces potential latency/head‑of‑line blocking, while UDP (Legacy) loses retransmission benefits — so each production must test the tradeoffs in its own environment. Rolling back security updates is a last resort and carries real security and management costs.
The concrete operational advice for streamers and studios is clear: verify your OS build and installed KBs, apply the NDI Access Manager transport change and run full end‑to‑end tests, pause broad deployment of the affected cumulative in production rings, and maintain clear rollback playbooks with compensating security controls. Treat August 2025 updates as high‑risk for specialized real‑time stacks until Microsoft publishes a confirmed remediation and a technical root‑cause breakdown.
A permanent lesson: as OSes become more complex and cumulative, staged update policies, representative test matrices that include media/AV flows, and tighter vendor collaboration are no longer optional for reliable live production. The August 2025 incident underlines that truth with painful clarity.

---

Source: theregister.com Microsoft admits that Windows and NDI are not getting along