0xc0000005 MSIEXEC error when trying to install anything

The error code 0xc0000005 indicates an access violation, which typically occurs when a program tries to read or write to a memory location that it does not have permission to access. In your case, this error is occurring during the installation process using MSIEXEC, which is related to the Windows Installer service.

Here are some steps you can take to troubleshoot this issue:

1. Verify Updates: Ensure that your Windows Server 2025 is fully updated. Sometimes, installing the latest updates can resolve underlying issues with system components like the Windows Installer.
2. Check for Corrupted Files: Run the System File Checker tool to check for and repair corrupted system files. You can do this by opening an elevated Command Prompt and running the command:

sfc /scannow

3. **Antivirus Software**: If you have antivirus software installed, make sure it is up to date and check if it is interfering with the installation process. You may want to temporarily disable it to see if that resolves the issue.

4. **Windows Error Reporting (WER)**: Check the Windows Error Reporting logs for more detailed information about the crash. You can enable verbose logging for the process to gather more data.

5. **WMI Issues**: Since you mentioned issues with agents and installations, verify that the Windows Management Instrumentation (WMI) service is functioning correctly. You can test the WMI service by running:

wmic /namespace:\root\default Class StdRegProv Call GetDWORDValue hDefKey="&H80000002" sSubKeyName="SYSTEM\CurrentControlSet\Services\Winmgmt" sValueName=Start

If there are issues, you may need to repair the WMI repository using:

winmgmt /salvagerepository

6. Event Viewer: Check the Event Viewer for any additional error messages or warnings that might provide more context about the failure.

If the problem persists after trying these steps, you may need to consider reinstalling the Windows Installer service or seeking further assistance from Microsoft support.

References:

• Resolved issues in Windows Server 2025
• The application or service crashing behavior troubleshooting guidance

Hi Andy,

From your description, it looks like you’re encountering a combination of two known issues: (1) an early release alpha feature related to Kerberos and domain security being enabled by default in some Server 2025 builds, and (2) instability within the MSI Engine that prevents any installer relying on MSIEXEC.exe from running correctly. When joining the server to the domain, the KDC service switching to manual mode can temporarily bypass the login issue, but it does not address the deeper problem introduced by the alpha feature conflict.

The exception code 0xc0000005 in msi.dll indicates an access violation, which typically occurs when a system component is corrupted, blocked, or replaced by an incompatible module. In many Server 2025 preview builds, this happens when MSI tries to load security related components that are out of sync with the OS version. The fact that both promoted DC installation and basic agent updates fail strongly suggests that MSI is unable to initialize its required security context.

To fix this, please apply the newest Cumulative Update (CU) for Windows Server 2025, which includes patches specifically addressing MSI instability and the alpha Kerberos feature being active by default. If MSI is broken and Windows Update cannot initiate, you can manually download and install the .MSU package - the standalone installer does not rely on the MSI subsystem and is often successful even in this scenario.

After installing the CU, please reboot the server and run the following commands to check system integrity:

• sfc /scannow: this will repair corrupted system binaries including msi.dll if needed.
• DISM /Online /Cleanup - Image /RestoreHealth: this will rebuild the servicing stack and fix component store mismatches that cause MSI failures.

If you suspect the agent installed earlier may have interfered with MSI, I recommend temporarily uninstalling or disabling it after the update, then reinstalling the newest version once MSI functionality is restored. Also, ensure the server is not running a preview/Insider build production environments should always use GA builds to avoid alpha-feature regressions.

After these steps, please restore the KDC service to its default automatic startup, as leaving it in manual mode can create authentication inconsistencies, especially on domain controllers. Once the MSI subsystem is back to normal, you should be able to promote the server and install agents without encountering the msiexec.exe crashes.

Please "accept the answer" so that it could be spread further to those in need too. If not, is there anything I can help you with? Please let me know.

Hi Andy Gillogly

I think at this point, the most reliable path forward is to perform an in-place upgrade repair using the most recent Windows Server 2025 ISO available through VLSC or the Evaluation Center. This process reinstalls core system binaries (including MSI and KDC components) without affecting your applications or data, and has been successful in restoring stability on similarly impacted systems.

Additionally, you may want to verify that the following remain disabled, even if the KDC service is set to Manual:

• The Kerberos Key Distribution Center Next-Gen feature flag under HKLM\SYSTEM\CurrentControlSet\Services\Kdc

Any domain-wide GPO objects that may have enabled the alpha KDC feature during earlier testing or deployments

If the server was ever promoted while the feature was active, some schema or security provider components may also require manual cleanup which I can help guide you through once we confirm the repair install results. Please let me know once you’ve had a chance to run the in-place upgrade or if you'd like step-by-step instructions.

Thank you