Microsoft says an error in the Windows Update caching service temporarily dropped device enrollment information, letting some Windows devices install Microsoft-approved drivers without notice—even when admins had set policies to block auto-updates. The company
For Windows admins who set strict rules to keep devices from installing updates on their own, the moment feels familiar in the worst way: the policy is in place, the devices should stay quiet—and then they don’t.
Microsoft said it fixed an issue that caused some Windows devices to install driver updates without notice despite policies configured to prevent auto-updates. The company laid out the cause in an admin center incident report. labeled MO1332784: a misconfiguration in the Windows Update caching service temporarily dropped device enrollment information. When that enrollment data disappeared, some devices were treated as non-enrolled, and driver-approval controls didn’t get applied correctly.
The disruption landed on Tuesday afternoon, June 2, when the Intune Support Team acknowledged the problem on Twitter and Reddit. In that response. Microsoft said it had received reports of “an issue where users’ Windows devices that have configured policies to prevent auto updates are installing drivers.” Microsoft added that. as it worked to remediate impact. the drivers being installed were “Microsoft approved/signed” and “don’t pose a security threat.”.
By Wednesday. Microsoft said it had updated the affected service cache and the enrollment status for affected devices to mitigate the impact. In a follow-up update. the company confirmed the issue had been resolved after validation from a subset of previously affected users. “We’ve validated that this issue is resolved following impact remediation confirmation from a subset of previously affected users. ” Microsoft said.
The company also said it is still looking at what happened inside the caching service. “We’re continuing to review how this caching service temporarily dropped Windows device enrollment information to better inform how to detect, prevent, and respond to similar service issues in the future.”
How much this hit users is still unclear. Microsoft has not shared how many regions or customers were affected by the caching failure. But Windows admins described a bigger operational headache: having to deal with tens of thousands of devices unexpectedly receiving BIOS and driver updates. with many cases where audio or video devices stopped working.
This incident sits in a broader pattern of update-related surprises that have forced admins into urgent triage. In April. Microsoft resolved a known issue causing systems running Windows Server 2019 and 2022 to upgrade to Windows Server 2025 “unexpectedly.” Last month. it also addressed a bug that installed driver updates on some Autopatch-managed Windows 11 devices across the European Union. even when administrative policies were configured to restrict driver deployment.
In the meantime. the lesson from this latest incident is brutally practical: even when update policies are set to prevent auto changes. a failure in the plumbing—here. a caching service and the enrollment information it uses—can still let drivers through. Microsoft says that door is now closed. but it’s also warning that it wants to make sure the same kind of enrollment drop can’t happen again.
Microsoft Windows Update driver updates Intune caching service device enrollment MO1332784 BIOS updates autopatch Windows admins cybersecurity