Microsoft to Block Windows 11 and Server 2025 Automated Installation After Critical RCE Vulnerability

Microsoft to Block Windows 11 and Server 2025 Automated Installation After Critical RCE Vulnerability

By Guru Baran
Publication Date: 2026-03-16 03:44:00

Windows 11 and Server 2025 Automated Installation

Microsoft has announced a two-phase plan to disable the hands-free deployment feature in Windows Deployment Services (WDS) following the discovery of a critical remote code execution (RCE) vulnerability tracked as CVE-2026-0386.

The flaw, rooted in improper access control, allows an unauthenticated attacker on an adjacent network to intercept sensitive configuration files and execute arbitrary code during network-based OS deployments.

Windows Deployment Services is a server role that enables IT administrators to deploy Windows operating systems remotely over a network, typically using PXE (Preboot Execution Environment) boot.

A core feature of this service, hands-free deployment, relies on an Unattend.xml answer file to automate installation screens, including credential entry, without requiring manual operator intervention. This feature is widely used in enterprise environments to efficiently…