Windows August 2025 Update Triggers Severe NDI Stutter (RUDP)

Microsoft has confirmed that its August 12, 2025 cumulative updates introduced a serious regression that causes severe stuttering, lag, and choppy audio/video in NDI‑based streaming workflows on affected Windows 11 and Windows 10 builds — a defect tied to NDI’s default RUDP (Reliable UDP) transport and currently mitigated by switching NDI receivers to Single TCP or UDP (Legacy) while Microsoft investigates. (bleepingcomputer.com)

Background​

Microsoft’s Patch Tuesday rollup on August 12, 2025 shipped a broad security and quality package for multiple Windows servicing families. The Windows 11 24H2 cumulative was distributed as KB5063878 (OS Build 26100.4946) while companion Windows 10 packages included KB5063709 for 22H2/21H2 branches. Within days of deployment, broadcasters, streamers, and AV engineers reported reproducible performance failures specifically in setups that use NDI (Network Device Interface) to shuttle audio/video between machines. (bleepingcomputer.com, tomsguide.com)
NDI is widely used in live production: it enables low‑latency, high‑quality video transport across LANs so that capture PCs, encoder machines, and switchers can interoperate without specialized SDI gear. The regression therefore has outsized operational impact on multi‑PC productions even though consumer single‑PC streaming to platforms is not implicated. Microsoft logged the behavior in its Windows Release Health advisory and described the symptom set and the vendor-recommended mitigation. (support.microsoft.com, bleepingcomputer.com)

---

What Microsoft and Vendors Confirmed​

• Microsoft’s Release Health entry describes the issue as “Problems with NDI streaming performance after installing the August 2025 update,” calling out severe stuttering, lag and choppy audio/video, and noting the effect is especially visible when the source uses Display Capture in tools such as OBS. (support.microsoft.com)
• Microsoft identified the interaction with NDI’s RUDP transport as the triggering pathway and pointed users to vendor guidance to change NDI’s Receive Mode to Single TCP or UDP (Legacy) as a temporary mitigation while engineering investigates. (bleepingcomputer.com, windowsforum.com)
• Independent reporting from industry outlets confirmed the same symptom pattern and mitigation approach, emphasizing the regression’s reproducibility across affected KBs and builds. (tomsguide.com, bleepingcomputer.com)

These are the load‑bearing facts: the KB identifiers, the affected builds, the symptom set, and the vendor‑recommended temporary change of transport all align across Microsoft’s advisory and independent reporting.

---

Technical primer: RUDP, UDP, and Single TCP — why transport choice matters​

NDI supports a few transport modes to balance latency, reliability, and resilience:

• RUDP (Reliable UDP) — NDI’s modern default in many setups. It attempts to combine UDP‑style low latency with application‑level reliability (sequencing, retransmits, pacing) to reduce visual artifacts while keeping latency low.
• UDP (Legacy) — Simple datagrams sent without retransmission. Lowest latency in pristine LAN conditions but susceptible to packet loss.
• Single TCP — Ordered, reliable stream with retransmission. Robust but can suffer head‑of‑line blocking when packet loss occurs, increasing latency.

RUDP’s hybrid nature makes it more sensitive to subtle timing, scheduling, and packet‑processing changes in the OS networking stack than pure UDP or TCP. The field pattern — RUDP traffic failing while UDP and Single TCP remain stable — points to a transport‑layer interaction rather than a generic application bug. That said, a definitive root‑cause analysis has not been published by Microsoft; current explanations remain informed inference until Redmond releases technical details. Treat the root‑cause hypothesis as provisional. (bleepingcomputer.com)

---

Timeline and Microsoft’s response​

• August 12, 2025 — Microsoft released its August cumulative updates (Patch Tuesday), including KB5063878 for Windows 11 24H2 and companion KBs for Windows 10. The rollups included many security fixes but were rapidly followed by community reports of regressions.
• Mid‑August 2025 — Reports from streamers, broadcasters, and vendor telemetry converged on a reproducible NDI stutter pattern caused by RUDP connections. Industry outlets documented the issue and NDI’s vendor guidance. (bleepingcomputer.com, tomsguide.com)
• Microsoft posted a Release Health advisory confirming the behavior, identified the transport fingerprint (RUDP only), and linked to vendor guidance recommending a Receive Mode change. Engineering is investigating. (support.microsoft.com)
• August 18–19, 2025 — Microsoft published out‑of‑band (OOB) cumulative updates to address related but separate regressions that affected Reset / Recovery flows (for example, KB5066189 for Windows 11 servicing families). Those OOB packages fixed recovery failures introduced by certain August patches; they do not claim to remediate the NDI RUDP regression specifically. Administrators were advised to apply the OOB updates if they were experiencing recovery failures. (support.microsoft.com)

Microsoft’s moves demonstrate a rapid operational response to high‑impact regressions, but at the time of reporting Microsoft had not yet published a permanent fix specifically for the NDI/RUDP behavior; the known short‑term mitigation remained the NDI transport change or uninstalling the August LCU on affected hosts at the risk of leaving systems unpatched. (bleepingcomputer.com, windowscentral.com)

---

Impact: who is hurt, and how badly​

The regression disproportionately damages workflows that rely on multi‑PC NDI flows. Typical affected environments include:

• Live broadcasters and production studios that split capture and encode across machines.
• Corporate AV teams delivering lecture capture, town halls, or hybrid events.
• Streamers using separate capture and encoder PCs and those layering multiple high‑resolution sources.
• Education and training environments that use remote capture and monitoring via NDI.

Symptoms observed in real‑world flows:

• Repeated micro‑pauses and stuttering in live video layers.
• Audio desynchronization and choppy audio in feeds.
• Persistent failures even on low‑utilization, low‑loss LANs (indicating timing or retransmission pathology rather than congestion). (bleepingcomputer.com, windowsforum.com)

For production crews, even short, unpredictable freezes are catastrophic for live events — they degrade the viewer experience and complicate post‑event ingest. The regression’s timing (a widely distributed security update) amplified its reach by touching many systems simultaneously, making ad hoc workarounds operationally painful at scale.

---

Practical mitigations and step‑by‑step remediation​

The vendor and Microsoft guidance converges on two operational choices: change NDI’s Receive Mode or remove the problematic KB on affected machines. The former preserves security posture; the latter restores original behavior but opens a security window.
Immediate mitigation (recommended):

• Install or open NDI Access Manager on every receiving machine.
• In NDI Access Manager, go to the Advanced tab.
• Change Receive Mode from RUDP (default) to Single TCP or UDP (Legacy).
• Click OK, then restart any NDI‑receiving applications (OBS Studio, vMix, Studio Monitor, etc.). The apps read the Access Manager configuration on startup. (windowsforum.com)

Trade‑offs to consider:

• Single TCP: This typically eliminates stutter and is the safest fallback for complex network environments. It can add end‑to‑end latency and suffer head‑of‑line blocking during packet loss, so it’s best on reliable LANs with sufficient latency budget.
• UDP (Legacy): Keeps latency low on pristine LANs but forfeits RUDP’s retransmission/ordering benefits — acceptable on dedicated Ethernet segments.
• Restarting processes is required; changing the Receive Mode while applications are running will not take effect until the apps relaunch. Plan restarts during rehearsals or maintenance windows. (windowsforum.com)

If mitigation is infeasible (e.g., remote contributors that cannot be reconfigured), organizations have limited options:

• Consider uninstalling the August LCU on affected hosts as a last resort, but weigh the security implications carefully. Rollbacks may be acceptable for short maintenance windows but should be accompanied by compensating controls. (tomsguide.com)
• For other, unrelated August regressions (such as Reset/Recovery failures), apply Microsoft’s OOB fixes (for example, KB5066189 for Windows 11) if you are affected; they address separate, high‑impact recovery problems. Do not assume OOBs cure the NDI RUDP regression without explicit Microsoft confirmation. (support.microsoft.com)

---

Operational guidance for IT and AV teams​

• Test in a staging environment first. Reproduce the issue and the remediation (transport change) before the next live event or classroom session.
• Document all changes. If switching to Single TCP or UDP (Legacy), log the change and maintain a rollback plan.
• Coordinate with remote contributors. If you rely on external feeds, provide configuration instructions and a rehearsal window to apply changes and restart apps.
• Balance security and availability. Uninstalling the August LCU restores the previous NDI behavior but removes important security fixes. If you choose rollback, isolate the host or enforce strict network controls until the patch is replaced.
• Monitor Microsoft Release Health and vendor advisories. Microsoft is investigating and may publish a targeted patch; apply vendor‑tested updates when they appear rather than guesswork. (support.microsoft.com, bleepingcomputer.com)

---

Risk assessment and trade‑offs​

• Security risk vs. operational availability. Removing a cumulative security update is never a trivial decision. The August rollups patched a large set of vulnerabilities; one such example closed a publicly disclosed Kerberos elevation‑of‑privilege issue in the same release. For many organizations, the security risk of remaining unpatched outweighs temporary media quality problems.
• Workaround operational cost. Changing Receive Mode is low‑risk technically but has operational cost: per‑machine configuration, app restarts, and potential latency impacts on timing‑sensitive productions.
• Uncertain root cause. Community analysis and Microsoft’s note narrow the fault to the RUDP transport, but the precise kernel/stack interaction has not been publicly dissected by Microsoft. Until a root‑cause bulletin or fix is published, long‑term planning must assume uncertainty. Flag any definitive causal statements as provisional.

---

Why this matters beyond streamers​

This episode underlines core tensions in modern OS delivery:

• The complexity of shipping large cumulative updates across diverse hardware and software stacks means regressions can surface in narrow but critical workflows.
• Low‑latency protocols that implement custom reliability (like RUDP) are intrinsically more fragile to platform timing and scheduler tweaks.
• The cost of a rollback is not just technical — it’s organizational and security‑oriented.

Microsoft’s fast issuance of out‑of‑band fixes for other critical regressions (Reset/Recovery failure) demonstrates that the vendor will move quickly on high‑impact regressions, but targeted fixes require accurate reproduction and risk assessment prior to redistribution. (support.microsoft.com, techradar.com)

---

Cross‑checks and verification​

Key claims in this article are cross‑referenced against Microsoft’s Release Health and KB pages and at least two independent outlets:

• Microsoft’s Release Health and KB documentation describing the known issue and the OOB packages. (support.microsoft.com)
• BleepingComputer’s reporting of the NDI/RUDP fingerprint and the NDI vendor guidance recommending Receive Mode changes. (bleepingcomputer.com)
• Tom’s Guide and Windows Central confirmation of the issue and Microsoft’s acknowledged response, including guidance on removal or mitigation tradeoffs. (tomsguide.com, windowscentral.com)

Where independent sources differ in detail, this article highlights the divergence and treats root‑cause claims as provisional pending a Microsoft technical bulletin. Community summaries and forum threads documenting user impact and step‑by‑step mitigations are consistent with the vendor and vendor‑tool guidance.

---

Recommended checklist for streamers and admins (short, actionable)​

• Back up configuration and scene collections before making changes.
• Update NDI Tools to the latest vendor release.
• Change NDI Receive Mode to Single TCP or UDP (Legacy) on receiving hosts and restart receiving applications. (windowsforum.com)
• If you experience Reset/Recovery failures, apply Microsoft’s OOB KBs (for example, KB5066189) for affected servicing families. Verify the specific KB against your OS build before installing. (support.microsoft.com)
• Keep affected hosts isolated from high‑risk networks if you choose to uninstall the August LCU temporarily.
• Monitor Microsoft Release Health for a permanent fix and vendor advisories for tested guidance.

---

Longer view: lessons for vendors and enterprise​

• Vendors that rely on nonstandard transport stacks (RUDP, custom reliability layers) should maintain a robust compatibility matrix and test harnesses that exercise kernel and network scheduler changes at scale.
• Platform vendors should consider targeted, staged rollouts with rapid telemetry funnels for specialized verticals (e.g., broadcasting and pro AV) where even small regressions are mission‑critical.
• IT teams should formalize update windows that include validation tests for critical workflows (live events, lecture capture, remote proctoring) before broad deployment.

---

Conclusion​

The August 2025 cumulative updates created a narrow but high‑impact failure mode for NDI's RUDP transport, producing severe stuttering and choppy audio/video in multi‑PC streaming setups. Microsoft confirmed the regression in Release Health and pointed to vendor guidance — changing NDI’s Receive Mode to Single TCP or UDP (Legacy) — as the practical workaround while engineering investigates. The decision tree for production teams is simple in outline but complex in practice: favor the vendor‑recommended transport change to preserve security, or roll back the KB with tight compensating controls if immediate restoration of prior behavior is essential and short‑term security exposure can be managed. (support.microsoft.com, bleepingcomputer.com)
Organizations should test the workaround in rehearsal environments, document changes, and monitor Microsoft’s updates closely for a targeted fix. Any definitive root‑cause statements should be treated as provisional until Microsoft publishes a technical analysis or a corrective patch.

---

---

Source: Cyber Press https://cyberpress.org/windows-11-24h2-and-windows-10-hit-by-severe-lag-after-microsofts-august-2025-update/

 

[ChatGPT]

Microsoft’s August cumulative update for Windows 11 has introduced a painful wrinkle for broadcasters and multi‑PC streamers: NDI‑based feeds using the protocol’s default Reliable UDP (RUDP) transport began exhibiting severe stuttering, dropped frames, and choppy audio/video, forcing producers to apply a temporary transport‑mode workaround while Microsoft investigates a permanent fix.

---

Background​

The August 12, 2025 cumulative update for Windows 11 (KB5063878, OS Build 26100.4946) — part of the normal Patch Tuesday security rollup — patched more than a hundred security holes but also coincided with reproducible regressions in AV/streaming workflows that use the Network Device Interface (NDI) protocol. Microsoft has logged the problem on its Windows Release Health pages and acknowledged the symptoms and a vendor‑recommended workaround while engineering investigates. (support.microsoft.com)
Independent vendor notices and technical press coverage reproduced the symptom set: NDI streams that use RUDP on an affected host can exhibit periodic stalls, retransmission storms, and audio/video drift even on otherwise healthy local networks. Traffic flows using legacy UDP or Single TCP were reported to be unaffected in test reproductions, which is the basis for the temporary mitigation. (bleepingcomputer.com, m.vmix.com)

---

What is NDI and why do broadcasters rely on it?​

NDI (Network Device Interface) is a widely used protocol for moving low‑latency, high‑quality video and audio over standard Ethernet. It enables multi‑PC capture rigs, remote camera feeds, and flexible scene switching without dedicated SDI hardware. Its popularity stems from several practical benefits:

• Low end‑to‑end latency on local networks.
• Support for multiple transport modes designed to balance latency and reliability.
• A robust ecosystem: NDI Tools, OBS integration, vMix, and hardware encoders.

In modern NDI implementations, RUDP (Reliable UDP) is often the default transport because it attempts to deliver UDP‑level latency while adding application‑level retransmission and sequencing to reduce visible artifacts during packet loss. That reliability layer, however, also makes RUDP sensitive to changes in OS socket behavior and timing. When the OS alters buffering, scheduling, or packet semantics, an application‑level reliability layer can misbehave in visible ways.

---

The regression: symptoms, scope, and immediate evidence​

Symptoms observed in the field​

Streamers and AV engineers reported a clear pattern after the update:

• Periodic stutters and frozen frames in NDI sources.
• Audio drift or choppy audio accompanying video stalls.
• Problems most visible when the sender used Display Capture (screen capture) rather than a camera feed.
• Failures reproduced on low‑bandwidth and uncongested LANs, suggesting timing or retransmission behavior rather than throughput.

These symptoms were consistent across multiple independent reproductions and vendor notices. Microsoft’s Release Health entry uses language such as “severe stuttering, lag, and choppy audio/video” to describe the issue. (support.microsoft.com)

Affected builds and KBs​

The primary affected package called out in vendor and press reports is KB5063878 for Windows 11 version 24H2 (OS Build 26100.4946) released on August 12, 2025. Parallel Windows 10 rollups (for supported servicing branches) shipped companion KBs that have shown related behavior in some setups. Microsoft’s public advisories and vendor KBs list the affected KBs and advise mitigation steps without requiring removal of the security rollup for many scenarios. (support.microsoft.com)

Independent verification​

Reputable outlets and vendor knowledge bases have reproduced the same fingerprint and documented the same mitigation: BleepingComputer and Tom’s Guide reproduced and reported the regression and Microsoft’s advisory; vMix, NDI’s documentation, and community engineering forums posted the recommended temporary configuration change that avoids RUDP. (bleepingcomputer.com, tomsguide.com, m.vmix.com)

---

Why RUDP broke (technical explanation)​

NDI’s RUDP overlay provides reliability via sequencing, acknowledgements, retransmissions, and windowing — features that require tight coordination between the application‑level logic and the OS network stack. Small changes to socket timers, buffer limits, packet queuing, or scheduling behavior in the OS can unbalance RUDP’s retransmission heuristics, leading to:

• Retransmission storms (excessive re‑requests that overwhelm queues).
• Buffer starvation or head‑of‑line blocking within the application.
• Bursty delivery that shows up as periodic stutters and audio drift.

Because UDP and TCP use simpler, well‑understood semantics at the OS level, flows using those transports did not surface the same failure pattern in the tested environments, which is why switching away from RUDP stabilizes affected streams. This remains the most plausible explanation based on observed behavior and vendor analysis, but a final engineering root‑cause will depend on Microsoft’s internal diagnostics and is therefore still in investigation. Treat precise controller‑level or kernel‑level claims as provisional until Microsoft publishes an engineering post‑mortem.

---

The temporary fix: exactly what to do (step‑by‑step)​

NDI and downstream vendors recommend changing the NDI Receive Mode on affected receiving machines so that NDI traffic uses Single TCP or UDP (Legacy) rather than RUDP. This is a reversible configuration change that preserves the security update while restoring stable NDI behavior in most topologies.

• Download and install NDI Tools (free) on any receiving PC that shows stutter.
• Launch NDI Access Manager on the receiving machine.
• Open the Advanced tab.
• Under Receive Mode, change from RUDP (default) to Single TCP or UDP (Legacy).
• Click OK and then restart any NDI‑receiving applications (OBS, Studio Monitor, vMix, etc.) to force them to re‑read the new configuration.
• Repeat on every receiving endpoint in your NDI flow.

Notes:

• Many applications read the Access Manager configuration only at startup, so restarting receiving apps (or rebooting) is required. (m.vmix.com, bleepingcomputer.com)

---

Tradeoffs and operational implications​

Switching away from RUDP restores stability, but it’s not without tradeoffs. Evaluate these before going live:

• Single TCP: Most robust across mixed network gear and through firewalls/NAT, but adds latency and can suffer head‑of‑line blocking when packet loss occurs. Use this when reliability is the priority and a few extra milliseconds of latency are acceptable.
• UDP (Legacy): Lowest latency on stable LANs, but offers no retransmission; lost packets remain lost, which can degrade visual quality during network errors.
• RUDP: Normally the best balance of low latency and resilience — that’s why the regression is impactful. The goal is to restore RUDP once Microsoft issues a fix.

Operational costs:

• Coordinating changes across dozens of endpoints (including remote guests or third‑party devices) is time‑consuming.
• Rolling back the KB is a last resort and raises security concerns: an LCU rollback removes the security fixes included in the August rollup and may require DISM‑level removal if the combined SSU+LCU packaging prevents GUI uninstall. Microsoft recommends mitigation over wholesale rollback where possible. (support.microsoft.com, tomsguide.com)

---

Practical guidance for streamers, studios, and AV teams​

Short checklist to minimize risk before the next show​

• Confirm whether KB5063878 (Windows 11) or the corresponding Windows 10 KB is installed: run winver or check Windows Update → Update history.
• If affected, apply the NDI Receive Mode change on receiving machines and restart apps; test end‑to‑end under the same capture modes you’ll use live (especially Display Capture).
• If latency tolerance is low, test both Single TCP and UDP (Legacy) to identify the best operational tradeoff for your environment.
• If you must rollback the KB as a last resort, document compensating security controls (network segmentation, firewall restrictions) and plan reinstallation once a corrected update ships. Rolling back at scale should be governed by security teams and change control.

For IT/engineers managing many endpoints​

• Pilot the transport change on a small lab of representative devices and measure latency, packet loss behavior, and CPU impact.
• Script the configuration change where possible (or automate via imaging) for large estates, but prioritize coordination with remote contributors.
• Pause automatic approvals of KB5063878 in deployment rings (WSUS/Intune) until Microsoft issues a Known Issue Rollback (KIR) or a patched package.

---

Risk analysis: what to watch out for​

• Security vs. Availability: uninstalling a security rollup increases exposure to the vulnerabilities that the patch fixed. The August release included patches for numerous CVEs — don’t remove security updates lightly. (support.microsoft.com)
• Latency and sync: switching to Single TCP may increase end‑to‑end latency and create head‑of‑line blocking effects that can hurt lip‑sync and tightly timed transitions.
• Remote contributors: if you cannot change settings on a remote contributor’s machine, you may need to use a relay/bridge or consider temporary rollback on the affected endpoint under strict controls.
• Unverified collateral reports: some community reports tied other regressions (SSD disappearance during heavy IO) to the same rollup; these incidents appear hardware‑specific and need separate vendor/Microsoft validation. Treat such claims cautiously until OEMs publish confirmed guidance.

---

What Microsoft, NDI, and vendors are doing (and what to expect)​

Microsoft has publicly flagged the regression in its Windows Release Health content and confirmed engineering is investigating the interaction between the August patches and NDI’s RUDP transport. NDI and partner vendors posted the temporary Receive Mode mitigation and guidance for restarting receiving apps. Expect one of these outcomes in the short term:

• A Microsoft servicing update or out‑of‑band patch that restores RUDP behavior while preserving the security fixes.
• A KIR (Known Issue Rollback) targeting the specific behavioral change for affected SKUs in enterprise rings.
• Continued vendor guidance for conservative transports until Microsoft signs off on a platform fix.

Because the root cause touches timing and socket semantics at the OS level, a full fix may include kernel or networking sub‑system changes, and validation across diverse NICs, drivers, and firmware will take time. Monitor Microsoft’s Release Health page and NDI vendor channels for an engineering bulletin and a tested patch path. (support.microsoft.com, m.vmix.com)

---

Recommended immediate action plan (concise)​

• Identify affected machines with winver or Update History.
• Install NDI Tools on receiving machines and switch Receive Mode to Single TCP or UDP (Legacy). Restart apps.
• Rehearse a full show on the adjusted transport to measure latency and sync under real conditions.
• If remote contributors cannot be reconfigured, evaluate using a relay/bridge or, as an emergency, a controlled rollback with compensating security controls.
• Track Microsoft Release Health and vendor advisories for the permanent fix; plan to revert to RUDP only after testing the corrected update in a pilot ring.

---

Final analysis: strengths, weaknesses, and the path forward​

The rapid vendor‑aligned mitigation demonstrates a pragmatic incident response: vendors, community engineers, and Microsoft quickly converged on a safe, reversible workaround that preserves the security baseline for most users while restoring service continuity. That pragmatic tradeoff — avoid rollback if possible, change transport — is the right operational posture for production teams.
Strengths:

• The mitigation is low‑risk and reversible.
• It preserves applied security fixes for most users.
• Vendors provided clear step‑by‑step instructions that apply to common NDI toolchains.

Risks and weaknesses:

• The workaround degrades RUDP’s performance advantages; competitive, low‑latency streams may notice the difference.
• Rolling back the KB is dangerous at scale and can reintroduce serious vulnerabilities.
• Coordinating changes across distributed teams and remote collaborators is operationally heavy.

The best path forward is disciplined: apply the temporary transport change, test thoroughly, and prioritize Microsoft’s permanent fix when it arrives. For studios and pro AV teams, stage updates in pilot rings and maintain scripted rollback and remediation procedures. Keep robust backups, document every exception decision, and treat any KB rollback as a short‑term emergency measure with mandatory compensating controls.

---

NDI and streaming workflows power a lot of modern live production; a software update that unintentionally disrupts the protocol’s reliability layer is a concrete operational hazard. The interim change to Single TCP or UDP (Legacy) gives broadcasters time to keep shows running without sacrificing the security benefits of August’s patches, but it also underlines the importance of piloting updates against real‑world AV topologies before broad rollouts. Monitor vendor advisories and schedule a controlled return to RUDP only after a validated Microsoft remediation is available. (bleepingcomputer.com, m.vmix.com)

---

Source: PC Gamer A recent Windows 11 update broke a popular streaming method on OBS but a temporary fix is now here