Found an easy fix for the KB5065426 update that broke WIN 11 network mapping.


Ruester

I spent weeks messing with literally every REGEDIT, SMB setting, user account permissions, etc. after the KB5065426 update. Nothing.

I finally came across this ADMX file that rolls back the update and lets you disable it. Instant mapping after the reboot. Instructions below.

  1. Download first, then run the OS version-specific KIR MSI from (Win11/Win2025 below):
https://download.microsoft.com/download/c6c70455-59ce-4d47-b13c-56b99d0435f1/Windows%2011%2024H2%2c%20Windows%2011%2025H2%20and%20Windows%20Server%202025%20KB5065426%20250923_06201%20Known%20Issue%20Rollback.msi

Executing the MSI installs an ADMX file in the %systemroot%\policydefinitions folder that provides insight as to the OS version-specific KIR Group Policy setting to configure in local or domain group policy editors.

  2. In the local or domain policy editor, configure the KB5065426_20250923_06201 Known Issue Rollback group policy setting to Disabled (supported on Windows 11, version 24H2, 25H2 and Windows Server 2025).
Disabled: If you disable this policy setting, the corresponding fixes with known issues will be disabled. (Use this to roll back a known issue.)

  3. Reboot the machine.
 

The root problem is that two or more PCs on your network have a duplicated SID (Security Identifier). It may have been created by cloning a Windows system drive to another PC, or Windows was installed using a sysprepped image that wasn't generalized to clear the original SID.

KB5065426 (Sep. 2025) rolled out a network security measure to finally begin enforcement of duplicate SIDs. The MS guidelines are that you're not allowed to duplicate the unique SID across multiple PCs, but it was never enforced before September.

The KIR fix allows you to temporarily disable SID checking by turning off a new Windows Feature. It's the same as running ViveTool:
Code:
ViveTool.exe /disable /id:55115949

You should plan to take additional steps in the upcoming months:

1. Determine why you have duplicate SIDs. Did someone use a cloned drive or captured system image to install on multiple PCs?

This command allows you to check each PC's system SID.
Code:
powershell "(Get-LocalUser -Name $env:USERNAME | Select-Object SID).SID.Value -replace '-\w+$'"

2. Change the system SID on every duplicated PC. If you have an existing system, run a tool like SIDCHG.
SIDCHG SID Change Utility

Eventually the Feature disabling done by the KIR will stop working. MS is only granting you a temporary reprieve in order to fix the root problem.
 
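Added example (not part of the original posts): once the SID check above has been run on each PC, this PowerShell sketch strips the trailing RID from each local account SID and groups the machines that share a machine SID. The host names and SID values are constructed sample data, and the function names `Get-MachineSidFromAccountSid` and `Find-DuplicateMachineSid` are hypothetical.

```powershell
# Constructed sample inventory: one row per PC, holding the SID of any local
# account on that PC, e.g. collected with:
#   (Get-LocalUser | Select-Object -First 1).SID.Value
$inventory = @'
Computer,AccountSid
PC-FRONT,S-1-5-21-1111111111-2222222222-3333333333-1001
PC-BACK,S-1-5-21-1111111111-2222222222-3333333333-1002
PC-OFFICE,S-1-5-21-4444444444-5555555555-6666666666-1001
'@ | ConvertFrom-Csv

function Get-MachineSidFromAccountSid {
    param([Parameter(Mandatory)][string]$AccountSid)
    # A local account SID is the machine SID followed by a relative ID (RID).
    # Reject anything that is not S-1-5-21-<a>-<b>-<c>-<rid>, so that built-in
    # or cloud account SIDs are not mistaken for a machine SID.
    if ($AccountSid -notmatch '^S-1-5-21-\d+-\d+-\d+-\d+$') {
        throw "Not an account SID of the expected form: $AccountSid"
    }
    return $AccountSid -replace '-\d+$'
}

function Find-DuplicateMachineSid {
    param([Parameter(Mandatory)][object[]]$Records)
    $Records |
        Select-Object Computer,
            @{ n = 'MachineSid'; e = { Get-MachineSidFromAccountSid $_.AccountSid } } |
        Group-Object MachineSid |
        Where-Object Count -gt 1 |
        ForEach-Object {
            # One output row per machine SID that appears on more than one PC.
            [pscustomobject]@{
                MachineSid = $_.Name
                Computers  = ($_.Group.Computer | Sort-Object) -join ', '
            }
        }
}

# With the sample data this lists PC-BACK and PC-FRONT under one machine SID.
Find-DuplicateMachineSid -Records $inventory | Format-Table -AutoSize
```

Only SIDs taken from local accounts are valid input here; a domain account's SID starts with the domain SID, so it would make every domain-joined PC look like a duplicate.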
This feels less like “KB5065426 broke SMB” and more like old deployment shortcuts finally catching up. In our case the rollback helped short term, but the real giveaway was multiple machines acting identically wrong... classic sign of cloned systems with shared identity. Once we stopped treating it as a networking issue and fixed the machine identity itself, the problems went away. For boxes we couldn’t rebuild, we used tools that actually regenerate the system SID (Wittytool Disk Clone has a built-in SID Change that is much cheaper, and we also tested other CLI utilities like NEWSID). After that, SMB mappings survived reboots without relying on the KIR toggle. Rollback buys time, but cleaning up the clones is what actually fixes it.
 
