ESU Archives

Winsage

March 11, 2026

Microsoft releases Windows 10 KB5078885 extended security update

Microsoft has released the Windows 10 KB5078885 extended security update, which addresses vulnerabilities identified during the March 2026 Patch Tuesday. This update resolves two zero-day vulnerabilities and a critical issue preventing certain devices from shutting down properly. Users of Windows 10 Enterprise LTSC or those in the ESU program can install it via Settings under Windows Update. The update upgrades Windows 10 to build 19045.7058 and Windows 10 Enterprise LTSC 2021 to build 19044.7058. The update focuses on security enhancements and bug fixes, addressing a total of 79 vulnerabilities, including two actively exploited ones. Key fixes include: - A new warning dialog in Windows System Image Manager for confirming trusted catalog files. - Enhancements to File History for backing up files with specific Chinese and Private Use Area characters. - Stability improvements for specific GPU configurations. - Additional high-confidence device targeting data for Secure Boot certificates. - Adjustments to Chinese fonts for compliance with GB18030-2022A standards. - A fix for Secure Launch-capable PCs with Virtual Secure Mode unable to shut down or hibernate after a previous security update. - Resolution of an issue affecting folder renaming with desktop.ini files in File Explorer. The update also addresses a known issue preventing Windows 10 devices from shutting down or hibernating when System Guard Secure Launch is enabled. Microsoft is deploying new Secure Boot certificates to replace those expiring in June 2026, which are crucial for validating boot components and preventing security risks. There are currently no known issues associated with this update.

Winsage

March 6, 2026

Windows 10 has been open to a severe recovery bug without this update

On October 14, 2025, Microsoft ended support for Windows 10 and encouraged users to switch to Windows 11, using full-screen pop-up ads. The company introduced the Extended Security Updates (ESU) program to facilitate this transition. However, issues arose with the Windows Recovery Environment (WinRE), which faced significant problems around the same time Windows 10 was phased out, affecting Windows 11 users as well. Microsoft acknowledged these issues in February and released an emergency patch to fix them. On March 3, 2026, a recovery update for Windows 10 versions 21H2 and 22H2 was rolled out to address the WinRE malfunction. Following the end of support for Windows 10, Windows 11's market share increased to 72.78%. Microsoft plans to improve Windows 11 in 2026 based on user feedback, but Windows 12 is not expected to be released this year.

Winsage

March 5, 2026

Windows 10: WinRE Update KB5075039 fixes issue from Oct. 2025

On March 3, 2026, Microsoft re-released update KB5075039 to restore functionality to the Windows Recovery Environment (WinRE) for Windows 10, which officially fell out of support in October 2025. This update followed a bug caused by dynamic security update KB5067039, released in October 2025, which introduced a problematic USBHUB3.SYS driver version that disabled USB keyboards and mice in WinRE. Microsoft acknowledged this issue on October 17, 2025. In mid-January 2026, Microsoft released recovery updates for Windows 10 and Windows 11, including KB5075039 on January 15, 2026, targeting Windows 10 versions 21H2 and 22H2, but it did not resolve the issue. The re-release of update KB5073933 on March 3, 2026, addressed a critical bug preventing WinRE from starting when the previous update KB5068164 was installed. The installation of KB5073933 is recommended for Windows 10 22H2 users with ESU support to ensure a functional recovery environment.

Winsage

March 4, 2026

Did Windows 10 automatically update itself on this user’s PC with curiously perfect timing — or was this mid-shower surprise just an honest mistake?

Microsoft has been encouraging users to upgrade to Windows 11 since its launch in October 2021, employing tactics such as full-screen pop-up ads. Some users prefer Windows 10 due to its hardware requirements and design issues. A user named 'djseifer' reported that their Windows 10 PC automatically upgraded to Windows 11 while they were away, despite declining previous upgrade prompts. Upon returning, they expressed dissatisfaction with the new interface, particularly the Start menu and centralized taskbar. It is generally understood that Microsoft should not forcibly upgrade a user's operating system without consent, although the user may have inadvertently consented through prior agreements. Users can disable automatic updates to maintain their Windows 10 experience, but this may expose them to security vulnerabilities. Microsoft requires TPM 2.0 for Windows 11, complicating upgrades for unsupported hardware. Windows 10 will still be usable after Microsoft ends support on October 14, 2025, but users will face increased risks from cyber threats. Extended Security Updates (ESU) will provide limited security updates for a time.

Winsage

March 2, 2026

Windows 11 tops market share as 10 faces extended farewell

Recent data from Statcounter indicates that Windows 11 has a market share of 72.57 percent, while Windows 10 holds 26.45 percent. Microsoft claims that Windows 11 has surpassed one billion users. Statcounter's data is collected from over 1.5 million websites and may be subject to revision. Microsoft will discontinue support for many versions of Windows 10 in October 2025, leading some organizations to consider Extended Security Updates (ESU), which can incur additional costs. Windows Server 2016 has a 20.3 percent share among monitored servers, and Windows 10 2016 LTSB accounts for 0.5 percent of Windows devices, making up 19.8 percent within the LTSC/LTSB category. The higher usage of LTSC/LTSB is attributed to special-purpose devices in consumer and retail sectors, which face stricter upgrade protocols.

Winsage

February 25, 2026

Microsoft gives Windows laggards the ‘gift of time’ wrapped in licensing fees

Microsoft is offering up to three years of Extended Security Updates (ESU) for older Windows installations, with the expectation of compensation. Most major versions of Windows 10 will reach end of support by 2025, while Windows 10 Enterprise 2016 LTSB and Windows IoT Enterprise LTSB 2016 will end support on October 13, 2026, and Windows Server 2016 will conclude support on January 12, 2027. Microsoft recommends upgrading to Windows Server 2025 for Windows Server 2016 users. The pricing for ESU for Windows 10 2016 LTSB starts at a specified amount per device for the first year, with expected increases in subsequent years. Customers using Intune or Windows Autopatch may receive a reduced rate. There is no official pricing for Windows Server 2016 ESU, creating uncertainty for administrators. Historically, Microsoft has charged a premium for extended support, with previous ESU costs for Windows Server 2012 being 100 percent of the full license price for the first year. The final cost of ESU will depend on each organization’s licensing agreement.

Winsage

February 24, 2026

Microsoft extends security patching for three Windows products at a price

Support for Windows 10 Enterprise LTSB 2016 and Windows 10 IoT Enterprise 2016 LTSB will end on October 13, 2026, while Windows Server 2016 will reach its end of support on January 12, 2027. Organizations using these products will receive one final monthly security update on the specified dates, after which they will not receive security patches, updates, or technical support. The Extended Security Updates (ESU) program allows organizations to purchase coverage for up to three years beyond the end of support, with pricing starting at a specified amount per device for the first year and doubling for each subsequent year. Windows Server 2016's ESU pricing has not been announced, and Microsoft recommends upgrading to newer Long-Term Servicing Channel releases. In the European Economic Area, Windows 10 users can access ESU until October 14, 2026, without payment or cloud account requirements due to advocacy from Euroconsumers.

Winsage

February 24, 2026

Support for Windows Server 2016 is coming to an end

Microsoft has announced the end of support for several Windows products launched in 2016, including Windows Server 2016, Windows 10 Enterprise 2016 LTSB, and Windows IoT Enterprise LTSB 2016. Windows Server 2016 has been in the extended support phase since January 2022, with security updates available until January 12, 2027. Windows 10 Enterprise 2016 LTSB and Windows IoT Enterprise LTSB 2016 will reach the end of their extended support on October 13, 2026. Microsoft offers the Extended Security Updates (ESU) program for these products, allowing critical security updates for a fee, with costs for Windows 10 Enterprise 2016 LTSB set to increase annually per device. ESU will also be available for Windows Server 2016, but pricing details are not yet released. Windows IoT Enterprise LTSB 2016 will receive extended support through hardware manufacturers, with terms and costs varying by supplier. Microsoft emphasizes that using unsupported software increases risks and that migrating to a newer version of Windows is the only long-term solution.

Winsage

February 19, 2026

Windows 10 ESU update KB5075912 bumps 22H2 to Build 19045.6937

Microsoft has announced an update, identified as KB5075912, regarding Secure Boot certificates to enhance device security for Windows users. Key points include the introduction of new certificates to prevent unauthorized software during startup, improved compatibility with various hardware configurations, and a commitment to provide regular updates to these certificates.

Winsage

February 15, 2026

Microsoft Refreshes Secure Boot Certificates via Windows Update

Microsoft will begin rolling out new Secure Boot certificates through Windows Update starting in March 2026, coinciding with the expiration of original certificates from 2011, which will phase out in June 2026. The new certificates include Microsoft Corporation KEK 2K CA 2023, Microsoft UEFI CA 2023, Microsoft Option ROM UEFI CA 2023, and Windows UEFI CA 2023. Not all Windows users will receive the update simultaneously; eligibility will focus on high-confidence devices with strong update histories. Newer PCs sold from 2024 will already have the 2023 Secure Boot certificates, while some devices may require additional firmware updates from their OEMs. PCs that do not receive the new certificates will still boot but will operate with diminished security, increasing vulnerability to exploits and compatibility issues with anti-cheat software and future Windows versions. Users on unsupported Windows versions will not receive the new certificates, leading to heightened security risks after June 2026.