Take Action: Out-of-band updates to address issues with local policy events in Active Directory group policy

Originally posted by Microsoft Apr 14, 2025 Uncategorized 0 Comments

Microsoft has identified an issue where audit logon/logoff events in the local policy of the Active Directory Group Policy might not show as enabled on the device even if they are enabled and working as expected. This can be observed in the Local Group Policy Editor or Local Security Policy, where local audit policies show the “Audit logon events” policy with security setting of “No auditing”. An out-of-band (OOB) update has been released today, April 11, 2025, to address this issue.

Windows home users are unlikely to be affected by this issue, as logon auditing is generally only necessary in enterprise environments. This OOB update is a non-security release, and organizations that are not affected by this issue don’t need to install this update.
The OOB updates available only on the Microsoft Update Catalog for the Window versions affected by this issue. They are cumulative, so you do not need to apply any previous update before installing them, and they supersede all previous updates. If you haven’t deployed the April 2025 Windows security update yet and you utilize Active Directory Group Policy, we recommend you apply this OOB update instead for the Windows versions listed below:
  • Windows 11, versions 23H2 and 22H2 (KB5058919)
  • Windows Server 2022 (KB5058920)
  • Windows 10 Enterprise LTSC 2019 and Windows Server 2019 (KB5058922)
  • Windows 10 LTSB 2016 and Windows Server 2016 (KB5058921)
  • Azure Stack HCI, version 22H2 (KB5058920)

Message ID: MC1053627

Comments are closed.

Joao Ferreira

I've been working with Microsoft Technologies over the last ten years, mainly focused on creating collaboration and productivity solutions that drive the adoption of Microsoft Modern Workplace.

%d bloggers like this: