Full Report
Microsoft has released an emergency update to fix the Windows Recovery Environment (WinRE), which became unusable on systems with USB mice and keyboards after installing the October 2025 security updates. [...]
Analysis Summary
# Vulnerability: Unusable Windows Recovery Environment (WinRE) Due to USB Input Device Failure
## CVE Details
- CVE ID: Not specified (This is a post-patch hotfix for a compatibility issue introduced by previous updates, not a zero-day vulnerability disclosure)
- CVSS Score: Not applicable (Described as functionality breakage rather than security exploitability)
- CWE: Not specified
## Affected Systems
- Products: Windows 11 (24H2 and 25H2), Windows Server 2025, Other Windows client/server devices affected by the preceding October 2025 security update (e.g., KB5066835).
- Versions: Systems that installed the preceding problematic Microsoft October 2025 security updates.
- Configurations: Systems attempting to access the Windows Recovery Environment (WinRE) using USB-wired mice or keyboards.
## Vulnerability Description
The October 2025 cumulative security updates (specifically mentioned leading up to KB5070773, such as KB5066835) introduced a regression that rendered USB-wired input devices (mice and keyboards) unusable specifically within the Windows Recovery Environment (WinRE). This prevents users from navigating or selecting recovery options, effectively making WinRE inaccessible for system repair, even though peripherals function normally after logging into the main operating system.
## Exploitation
- Status: Not applicable (Functionality degradation/breakage, not a security exploit)
- Complexity: Not applicable
- Attack Vector: Not applicable
## Impact
- Confidentiality: None (Operational impact)
- Integrity: Medium (Inability to repair system state if boot/safety options are required)
- Availability: High (Loss of access to critical repair environment)
## Remediation
### Patches
- **KB5070773:** This out-of-band cumulative update, released October 20, 2025, resolves the bug causing USB input devices to fail in WinRE. Microsoft recommends installing the latest available update.
### Workarounds
For systems that cannot boot to install the patch:
1. **Touchscreen:** Use the on-screen touch keyboard within WinRE.
2. **Legacy Ports:** Use a PS/2 keyboard or mouse if the PC has the appropriate port.
3. **Recovery Drive:** Boot the computer from a previously created USB recovery drive, which restores full USB functionality within its hosted WinRE session.
4. **Enterprise/OEM:** Use Preboot Execution Environment (PXE) in Configuration Manager or deploy push-button reset features using Windows ADK/WinPE add-on to install KB5070773 remotely.
## Detection
- Indicators of Compromise: User reports inability to navigate or use USB mouse/keyboard when accessing WinRE (e.g., during boot failures or manual recovery access).
- Detection methods and tools: Monitoring systems for successful installation of KB5070773; no active threat detection tools are relevant as this is a software regression.
## References
- Vendor advisories: Microsoft Release Health Update for Windows 11 25H2 (Dated post-October 20, 2025)
- Relevant links - defanged:
- `support.microsoft.com/help/5070773`
- `support.microsoft.com/help/5066835`
- `learn.microsoft.com/en-us/windows/release-health/status-windows-11-25h2#usb-mouse-and-keyboard-not-working-in-the-windows-recovery-environment--winre-`