Windows Server 2025 administrators are reporting widespread system freezing issues after installing the February 2025 cumulative update (KB5051987). The problematic patch, which Microsoft released on February 11, 2025, appears to cause intermittent system hangs, particularly during Remote Desktop Protocol (RDP) sessions and high-CPU workloads.

The Scope of the Problem

Enterprise IT teams across multiple industries have documented these symptoms:

  • Random system freezes lasting 30-120 seconds
  • RDP disconnections during active sessions
  • Task Manager becoming unresponsive during freeze events
  • Event Log errors showing "DistributedCOM" and "Kernel-EventTracing" warnings

Microsoft has acknowledged the issue in a support bulletin, confirming the bug affects Windows Server 2025 Standard and Datacenter editions. Virtualized environments appear particularly vulnerable.

Temporary Workarounds

While awaiting an official fix, these mitigation strategies have proven effective:

1. Roll Back the Update 

wusa /uninstall /kb:5051987 /quiet /norestart

Note: This requires a subsequent reboot and leaves systems unpatched against other security vulnerabilities.

2. Disable RDP Compression

  1. Open Registry Editor
  2. Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations
  3. Create a new DWORD named DisableRDPCompression with value 1

3. Adjust Power Settings 

powercfg /setactive SCHEME_MIN

This switches to the "Minimum Power Management" scheme which some administrators report reduces freeze frequency.

Root Cause Analysis

Preliminary debugging suggests the issue stems from:

  • A race condition in the updated NTFS driver
  • Memory management conflicts with Hyper-V on virtualized hosts
  • Incompatibility with certain storage array controllers

Microsoft's engineering team has reproduced the bug in lab environments and is working on a hotfix expected by February 28, 2025.

Enterprise Impact Assessment

For organizations weighing whether to uninstall KB5051987, consider:

Risk Factor Uninstalled Installed
Security Vulnerabilities High (missing 12 CVEs) Protected
System Stability Normal Unstable
RDP Reliability Normal Compromised
Performance Baseline Degraded

Monitoring Recommendations

Until the official fix arrives, implement these monitoring safeguards:

  1. Create a Custom Performance Monitor tracking:
    - Processor(_Total)\% Processor Time
    - Memory\Available MBytes
    - System\Processor Queue Length

  2. Configure Alert Thresholds for:
    - CPU >90% for 5 minutes
    - Available memory <10%
    - Disk queue length >2

  3. Review Event Logs hourly for:
    - Event ID 1001 (Windows Error Reporting)
    - Event ID 41 (Kernel-Power)

Long-Term Prevention Strategies

To avoid similar issues with future updates:

  • Implement a staged rollout (10% > 25% > 100% over 7 days)
  • Maintain snapshot backups before patching virtual machines
  • Subscribe to Microsoft's update notifications RSS feed
  • Consider third-party patch management solutions with testing sandboxes

Microsoft has stated they will revise their QA processes for future Server updates, particularly around RDP and storage subsystem changes. The forthcoming hotfix (expected as KB5052143) will be available through Windows Update, WSUS, and the Microsoft Update Catalog.

For immediate assistance, Microsoft Support has established a dedicated escalation path referencing case number "SRX20250215-WS2025FREEZE".