Microsoft has confirmed a serious Intune flaw upgrades Windows 11 on enterprise devices, even where policies were in place to prevent the upgrade. The glitch, described as a “latent code issue,” has caught IT administrators off guard, forcing urgent rollbacks and pauses on further updates.
The issue was first spotted on April 12, 2025, and has impacted organizations using Microsoft Intune for managing feature updates across their device fleets. Despite administrators setting restrictions to block Windows 11 upgrades, the bug bypassed those policies, installing the OS where it wasn’t authorized.
Microsoft acknowledged the issue via a post to IT administrators, confirming that the upgrade push was unintended and tied to flawed backend logic in Intune. The tech giant is now working on a fix, urging affected organizations to pause Windows Feature Updates to avoid further installations.
“While we work to address the issue, admins in impacted organizations may be able to circumvent impact by pausing Windows Feature Updates until the code fix has been developed, tested, and deployed,” Microsoft said.
Unfortunately, devices already upgraded will require manual rollbacks to return to their previous versions, creating extra workload for IT teams and potential downtime for users.
Recurring Update Issues at Microsoft
This Intune flaw upgrades Windows 11 problem is not an isolated incident. In late 2024, Microsoft mistakenly upgraded some customers’ systems from Windows Server 2022 to Windows Server 2025, even when the required licenses were not present. The company blamed third-party management tools and mislabeling of update packages for that incident.
In October 2024, a separate issue forced Microsoft to pull a Windows 11 preview update that caused widespread system crashes and blue screens.
These repeated lapses raise growing concerns in the IT community about Microsoft’s update delivery processes, particularly when dealing with enterprise-level change management policies.
What IT Admins Should Do Now
- Pause Windows Feature Updates via Intune immediately.
- Audit devices for any unintended upgrades.
- Roll back manually where necessary.
- Monitor Microsoft’s official channels for the code fix rollout.
This latest incident underscores the importance of rigorous testing and transparent communication in enterprise IT environments. As Microsoft continues to push Windows 11 adoption—especially before Windows 10 reaches end of life in 2025—such missteps may erode trust in its device management ecosystem.
For now, IT administrators are urged to remain vigilant and implement temporary safeguards to avoid further disruption.
