When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Microsoft explains the magic behind Windows Known Issue Rollback (KIR)

If you're an IT admin or a consumer curious about how Microsoft mitigates Windows bugs quickly, the company has pulled the curtain a bit on its development practices.

Neowin · with 5 comments

Paused Windows Update

If you're someone who uses Windows and are an active reader here at Neowin, you probably know that the operating system is no stranger to bugs. Just yesterday, we covered news about PCs booting into BitLocker recovery after applying the latest updates. While Microsoft sometimes takes its sweet time in fixing such bugs, it does have a band-aid solution that it frequently utilizes to mitigate bugs that are hampering Windows usability in a significant way. This is known as Known Issue Rollback (KIR), and Microsoft has now explained how it works in some new documentation primarily intended for IT admins.

The Redmond tech giant has explained that prior to the implementation of KIR, IT admins were forced to skip updates, uninstall entire Windows updates, or patiently wait for a fix from Microsoft when a Windows update caused a bug. This was a cumbersome process that impacted organizational productivity, so with Windows 10 version 2004 released in 2020, Microsoft deployed the robust system of KIR to work around this problem.

In terms of implementation, KIR leverages runtime feature flags present in Windows updates. So, KIR decides at runtime which portion of code to run depending upon Group Policy, which means that if an issue is identified in the new code delivered via Windows Update, KIR can just revert to the old code block for specific features. That said, it is important to note that KIR is only applicable on non-security updates on Windows Server and client platforms, it is not utilized for security patches.

IT admins in enterprise environments leverage Group Policy templates to activate KIR when needed, while consumer PCs receive KIR through Windows Update. Microsoft has boasted that in many cases, a KIR is delivered before the problematic update reaches most PCs, so most users don't even find out about particular bugs.

Microsoft says that when it learns about a bug, its teams perform a root cause analysis (RCA) to determine if it needs to roll out a KIR. If that is the case, KIR configuration changes are delivered through Windows Update, and affected PCs install the update within 24 hours. The KIR is then responsible for disabling the problematic code and just running the old code block.

If you're interested in learning more about KIR, particularly in the enterprise space, do check out Microsoft's documentation on the topic here.

Microsoft 365 Banner
Next Article

Microsoft publicly apologizes for confusing customers about M365 price hikes, offers refunds

The Gemini logo
Previous Article

Apple to pay $1 billion per year so Google Gemini can power Siri

5 Comments

Load the comments and join the conversation!

Read the comments, ask the editors questions, show respect and join the conversation.

Click here