Two good reports over the weekend about a newly-acknowledged bug in the Win10 1809 upgrade sequence. Günter Born: Windows 10 V1809: Upgrade deactivate
[See the full post at: Upgrading from Win10 1803 to 1809 may break the built-in “Administrator” account, but you probably aren’t affected]
![]() |
There are isolated problems with current patches, but they are well-known and documented on this site. |
SIGN IN | Not a member? | REGISTER | PLUS MEMBERSHIP |
-
Upgrading from Win10 1803 to 1809 may break the built-in “Administrator” account, but you probably aren’t affected
Home » Forums » Newsletter and Homepage topics » Upgrading from Win10 1803 to 1809 may break the built-in “Administrator” account, but you probably aren’t affected
- This topic has 15 replies, 8 voices, and was last updated 4 years, 3 months ago.
AuthorTopicwoody
ManagerViewing 6 reply threadsAuthorReplies-
b
ManagerDifficult to see why this is an issue for anyone in any circumstances, or even a bug at all:
The bug occurs when the following two conditions are met:
The built-in Administrator account is enabled (it is disabled by default).
There is at least one additional account with Administrator permissions.
https://www.ghacks.net/2019/01/02/windows-10-version-1809-upgrade-could-invalidate-administrator-account/The account is not disabled when the feature update is installed if there is no other administrator account. …
Personally, I would have said that’s the behavior I expected. (says Günter Born)
https://borncity.com/win/2019/01/02/windows-10-v1809-upgrade-deactivates-build-in-administrator/Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge
-
Bluetrix
AskWoody MVP -
ch100
AskWoody_MVPThe built-in Administrator account was disabled during previous upgrades, unless the installation/upgrade in place was performed under the built-in Administrator account.
Nothing new here and it is not a bug, but done on purpose I believe, for the reasons stated by Woody in the main post, i.e. security enhancement, as this account is normally the only account not subject to UAC, at least on a computer not joined to an Active Directory domain.
Saying that, I generally tend to perform the OS upgrade under the built-in Administrator to avoid potential permissions bugs during the upgrade, but normally this should not be a pre-condition for a successful installation.3 users thanked author for this post.
-
warrenrumak
AskWoody Lounger -
ch100
AskWoody_MVP
-
-
EspressoWillie
AskWoody PlusI enable the Administrator account for all the machines at my location for when I need to do “admin” things that avoid changing the users desktop or other items like that. The Administrator account is only used by me when needed and is, of course, password protected.
1) If it disables the Administrator account, can it just be reenabled?
2) What do they mean “break”?
3) If I use the Administrator account to do the upgrade, does the regular user admin account that gets created during setup get disabled or “broken”?
4) I have renamed some of the Administrator accounts to something else for security purposes, just like I do on my servers. Do the same bugs apply?
Cheers!!
Willie McClure
“We are trying to build a gentler, kinder society, and if we all pitch in just a little bit, we are going to get there.” Alex Trebek-
b
Manager
anonymous
Guest-
b
Manager
Damian
AskWoody PlusAll of our Win7 domain machines have the Admin enabled and password protected. This was a carry-over practice from the WinXP endpoints and it’s worked well for us. Just as the Domain Admin has a password, Endpoints have the Local Admin with a password. Unfortunately, we will be converting to Win10 this year but the practice will likely continue. I could’ve sworn there were ways to active the built-in Admin account during an offline state.
-
Damian
AskWoody PlusI believe the best option is to password protect and then disable if you’re able to. We have a relatively small environment of 180 or so endpoints. There have been times where an endpoint has lost trust with the Domain and the built-in Admin account is needed to leave and rejoin. This can also happen when restoring a older image to an endpoint. I’m sure I’m not alone in this thought, nor am I solely right in my efforts. There’s always ten ways to accomplish everything in Windows. Thank you for your feedback, b.
2 users thanked author for this post.
-
b
ManagerThere have been times where an endpoint has lost trust with the Domain and the built-in Admin account is needed to leave and rejoin.
Yes, I’ve experienced that a few times. I wouldn’t suggest not having any local admin account available.
Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge
1 user thanked author for this post.
-
b
ManagerI could’ve sworn there were ways to active the built-in Admin account during an offline state.
There are with physical access and the ability to boot from something like Offline Password and Registry Editor on CD/DVD/USB (although not if the system drive has disk encryption with that tool apparently), or Safe Mode.
Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge
1 user thanked author for this post.
anonymous
Guestb
ManagerMicrosoft LAPS is a great solution for this and easily deployed.
I don’t see how Local Adminstrator Password Solution would prevent the built-in administrator getting disabled during an upgrade, as that’s an expected behavior (which is not password-related).
But isn’t it just for domains with Active Directory anyway? No use for small businesses or home users?
Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge
Viewing 6 reply threads -

Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Welcome to our unique respite from the madness.
It's easy to post questions about Windows 11, Windows 10, Win8.1, Win7, Surface, Office, or browse through our Forums. Post anonymously or register for greater privileges. Keep it civil, please: Decorous Lounge rules strictly enforced. Questions? Contact Customer Support.
Search Newsletters
Search Forums
View the Forum
Search for Topics
Recent Topics
-
Using wildcards in search and replace
by
Bob Karrow
31 minutes ago -
How is Windows XP an security risk?
by
Curious
1 hour, 5 minutes ago -
Is using VPN a good idea?
by
Tex265
2 hours, 17 minutes ago -
How to prevent/disable Bitlocker Automatic Device Encryption?
by
EricB
5 hours, 25 minutes ago -
Unexplained aspects of installing the latest update of Office 2021
by
TonyC
5 hours, 22 minutes ago -
Getting started with macOS Disk Utility: RAID, images, and repairs
by
Alex5723
14 hours, 19 minutes ago -
Getting started with macOS Disk Utility: Resizing, snapshots, and journaling
by
Alex5723
14 hours, 23 minutes ago -
Are you ready for AI?
by
Susan Bradley
1 hour, 11 minutes ago -
Windows 11 Insider Preview build 25375 released to Canary
by
joep517
16 hours, 57 minutes ago -
Windows 11 Insider Preview Build 22621.1825 and 22624.1825 released to BETA
by
joep517
17 hours, 1 minute ago -
Duplicate image name brings up old images
by
Susan Bradley
1 day, 22 hours ago -
XP offline activation tool, xp_activate32.exe
by
Alex5723
10 hours, 24 minutes ago -
Huge Tesla leak reveals thousands of safety concerns, privacy problems
by
Alex5723
25 minutes ago -
Android : iRecorder – Screen Recorder new Android RAT
by
Alex5723
2 days, 3 hours ago -
HP has found an exciting new way to DRM your printer!
by
Alex5723
2 days, 3 hours ago -
Outlook 2019 Resend “you do not appear to be the original sender…” msg
by
Mw Ward
2 days, 18 hours ago -
Wine update?
by
bassmanzam
1 day, 17 hours ago -
Issue with \windows\servicing\LCU\Package_for_rollupFix…
by
cmar6
2 days ago -
Java JDK 20 – Should I install it?
by
Peobody
1 day, 7 hours ago -
Windows 10 won’t boot on a new motherboard
by
Paul Demmitt
2 days, 5 hours ago -
Cannot Update Win 10 to 22H2 from 21H2
by
Haifisch77
3 days, 4 hours ago -
Microsoft : Saving or copying files might intermittently fail
by
Alex5723
3 days ago -
Chinese Volt Typhoon hit US critical infrastructure sectors
by
Alex5723
1 day, 18 hours ago -
EFF: How to Fix the Internet-People With Disabilities Are The Original Hackers
by
Elly
2 days, 13 hours ago -
Windows 11 Insider Preview build 23466 released to DEV
by
joep517
4 days ago -
Cannot Un-suspend tasks
by
steven.h.lutz
4 days, 1 hour ago -
Old Hardware
by
fpefpe
3 days, 7 hours ago -
New ways to customize Chrome on your desktop
by
Alex5723
4 days, 10 hours ago -
Microsoft ‘killed” WinRAR and 7-zip
by
Alex5723
3 days, 22 hours ago -
Losing Wireless Identity
by
WSmmi16
1 day, 23 hours ago
Recent blog posts
Key Links
Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.
Mastodon profile for DefConPatch
Mastodon profile for AskWoody
Home • About • FAQ • Posts & Privacy • Forums • My Account
Register • Free Newsletter • Plus Membership • Gift Certificates • MS-DEFCON Alerts
Copyright ©2004-2023 by AskWoody Tech LLC. All Rights Reserved.