Hi 준호 장,
I’m following up to check whether the issue has been resolved. If the information provided was helpful, please click "Accept Answer" to help others in the community. Thank you!
Service failure of Napatech 10G Driver after Jan/Feb 2026 Updates on Windows Server 2016
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(57.599999999999994, 16%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
준호 장
0
Reputation points
[System Environment]
OS: Windows Server 2016 Standard
Update causing issue: KB5073722 (Jan 2026) or KB5075999 (Feb 2026)
Driver Version: nt_driver_3gd_windows_2.11.2 (Legacy)
[Problem Description] After applying the January/February 2026 Cumulative Updates, the Napatech service (ntservice.exe) fails to start. There is no error message; it remains in a stopped state. The issue is resolved immediately upon rolling back to the December 2025 patch level.
[Operational Constraints & Urgent Request] We are fully aware that this is a legacy driver. However, immediate driver/SDK migration is currently impossible due to our production environment's strict dependency on this specific version for proprietary application compatibility.
We are seeking a Windows-side workaround rather than a driver update. Specifically, we request information on:
How to whitelist this legacy driver from the latest Vulnerable Driver Blocklist or Kernel-level Code Integrity (CI) checks.
If disabling specific security features via Registry (e.g., VulnerableDriverBlocklistEnable) or Group Policy is applicable for Windows Server 2016 to restore service functionality.
- Any known "Known Issue Rollback (KIR)" or temporary mitigation for legacy FPGA drivers affected by the 2026 security hardening.[System Environment]
- OS: Windows Server 2016 Standard
- Update causing issue: KB5073722 (Jan 2026) or KB5075999 (Feb 2026)
- Driver Version: nt_driver_3gd_windows_2.11.2 (Legacy)
- How to whitelist this legacy driver from the latest Vulnerable Driver Blocklist or Kernel-level Code Integrity (CI) checks.
- If disabling specific security features via Registry (e.g.,
VulnerableDriverBlocklistEnable) or Group Policy is applicable for Windows Server 2016 to restore service functionality. - Any known "Known Issue Rollback (KIR)" or temporary mitigation for legacy FPGA drivers affected by the 2026 security hardening.
Windows for business | Windows Server | Performance | Application technologies and compatibility
2 answers
Sort by: Most helpful
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(172.8, 86%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJN%3C/text%3E%3C/svg%3E)
Jason Nguyen Tran 14,595 Reputation points Independent Advisor2026-02-27T03:55:21.4133333+00:00 -
Jason Nguyen Tran 14,595 Reputation points Independent Advisor
2026-02-25T10:21:14.1033333+00:00 Hi 준호 장,
The behavior you’re seeing is tied to the security hardening introduced in the January and February 2026 cumulative updates. These updates expanded the Vulnerable Driver Blocklist and tightened Code Integrity (CI) checks, which can prevent legacy drivers from loading even if they previously worked. Unfortunately, there is no supported way to “whitelist” a blocked driver in Windows Server 2016. The registry value
VulnerableDriverBlocklistEnableapplies only to newer Windows builds, and Known Issue Rollback (KIR) is not available for this scenario on Server 2016.The only Windows‑side mitigations are:
Rolling back to the December 2025 patch level (as you’ve already tested).
Running the server without the January/February updates until a supported driver path is available.
Planning a migration to a newer Napatech driver/SDK that is not blocked by CI.
I realize this may not be the answer you were hoping for, but it’s important to note that disabling CI or bypassing the blocklist is not supported and could expose the system to significant security risks. The safest path forward is to coordinate with Napatech for an updated driver, while temporarily holding back the January/February updates if your environment requires the legacy version.
If the information provided so far has helped you better understand or resolve the issue, please click "Accept Answer" to mark it as resolved, as this may also help others in the community.
Jason.