Windows Security Update Archives

Winsage

March 23, 2026

Microsoft fixes broken Windows update days after vowing fewer broken updates

Microsoft released an out-of-band update to address bugs from the March 2026 security update, which caused some users to receive a "no internet" error when signing into Microsoft applications, despite having a stable connection. Users utilizing Microsoft Entra ID were not affected by this issue. Prior to the fix, Microsoft advised users to restart their devices and maintain a stable internet connection. The new update includes all elements from the March 10 security update and specifically resolves the connectivity issue. Windows chief Pavan Davuluri has committed to improving reliability and stability in the operating system, emphasizing thorough testing of updates before release.

Winsage

March 19, 2026

Microsoft publishes a workaround for Samsung’s C: drive woes

Microsoft has released a guide to help users regain access to their C: drives affected by a Windows security update that impacted the Samsung Galaxy Connect app. Users must sign in with administrator rights, uninstall the Samsung applications, change file ownership on the C: drive to 'Everyone,' create a batch file to restore permissions, and restart their devices. Microsoft and Samsung have validated these recovery steps, and users can seek additional support from Samsung if needed. The Samsung Galaxy Connect app was temporarily removed from the Microsoft Store, but a previous version has been reinstated. The issue is marked as "Resolved," indicating no further patch from Microsoft is expected.

Winsage

March 17, 2026

Microsoft to Block Windows 11 and Server 2025 Automated Installation After Critical RCE Vulnerability

Microsoft is implementing a two-phase initiative to disable the hands-free deployment feature in Windows Deployment Services (WDS) due to a critical remote code execution vulnerability (CVE-2026-0386) identified on January 13, 2026. This vulnerability arises from improper access control related to the Unattend.xml file, which is transmitted over an unauthenticated RPC channel, allowing attackers on the same network segment to exploit it. Successful exploitation could grant SYSTEM-level privileges and compromise OS deployment images. The initiative includes: - Phase 1 (January 13, 2026): The hands-free deployment feature will remain operational but can be disabled. New Event Log alerts and registry key controls will be introduced to enforce secure practices. - Phase 2 (April 2026): The hands-free deployment feature will be completely disabled by default for administrators who have not modified registry settings. Administrators can temporarily re-enable the feature by setting AllowHandsFreeFunctionality = 1, but this is not secure. Recommendations include reviewing WDS configurations, applying security updates, setting registry keys for secure behavior, monitoring Event Viewer for alerts, and considering alternative deployment methods. Microsoft’s KB article 5074952 provides further guidance for impacted organizations.

Winsage

March 11, 2026

Hotpatching goes default in Windows Autopatch whether you like it or not

Microsoft will enable hotpatch security updates by default starting with the May 2026 Windows security update. Hotpatch updates allow security enhancements to be applied without system restarts, while quarterly baseline updates will still require a restart. Windows Autopatch will manage updates using "testing rings" to progressively roll out updates and address any issues. Devices must run Windows 11 24H2 or later and have the April 2026 security update installed to receive hotpatch updates automatically. Existing update policies will remain intact, and administrators can opt out of hotpatch updates at the tenant or group policy level.

Winsage

March 11, 2026

Microsoft to enable Windows hotpatch security updates by default

Microsoft will enable hotpatch security updates by default for eligible Windows devices managed through Microsoft Intune and the Microsoft Graph API starting with the May 2026 Windows security update. This change aims to enhance security and reduce the time to achieve 90% patch compliance by half. The updates will be managed through Windows Autopatch, which allows organizations to apply updates without manual intervention. Administrators can manage hotpatch updates at the tenant level and can opt-out starting April 1, 2026. A Hotpatch quality updates report will be available in Intune to ensure devices are ready for the updates. Windows Autopatch became generally available in July 2022 and is currently operational on over 10 million production devices.

Winsage

March 11, 2026

Microsoft flips Windows Autopatch to default hotpatch security updates

Microsoft will automatically enable hotpatch security updates for Windows devices managed through Microsoft Intune or the Microsoft Graph API starting with the May 2026 Windows security update. This feature allows security fixes to be applied without requiring a device restart, improving compliance efficiency. Devices that install the April 2026 baseline security update will begin receiving hotpatch updates in May 2026, but this will only apply to devices not already assigned to a quality update policy. Organizations can opt out of hotpatch updates for specific device groups or their entire tenant starting April 1, 2026.

Winsage

March 11, 2026

Microsoft releases Windows 10 KB5078885 extended security update

Microsoft has released the Windows 10 KB5078885 extended security update, which addresses vulnerabilities identified during the March 2026 Patch Tuesday. This update resolves two zero-day vulnerabilities and a critical issue preventing certain devices from shutting down properly. Users of Windows 10 Enterprise LTSC or those in the ESU program can install it via Settings under Windows Update. The update upgrades Windows 10 to build 19045.7058 and Windows 10 Enterprise LTSC 2021 to build 19044.7058. The update focuses on security enhancements and bug fixes, addressing a total of 79 vulnerabilities, including two actively exploited ones. Key fixes include: - A new warning dialog in Windows System Image Manager for confirming trusted catalog files. - Enhancements to File History for backing up files with specific Chinese and Private Use Area characters. - Stability improvements for specific GPU configurations. - Additional high-confidence device targeting data for Secure Boot certificates. - Adjustments to Chinese fonts for compliance with GB18030-2022A standards. - A fix for Secure Launch-capable PCs with Virtual Secure Mode unable to shut down or hibernate after a previous security update. - Resolution of an issue affecting folder renaming with desktop.ini files in File Explorer. The update also addresses a known issue preventing Windows 10 devices from shutting down or hibernating when System Guard Secure Launch is enabled. Microsoft is deploying new Secure Boot certificates to replace those expiring in June 2026, which are crucial for validating boot components and preventing security risks. There are currently no known issues associated with this update.

Winsage

February 16, 2026

Windows 11 KB5077181 fixes boot failures linked to failed updates

Microsoft resolved a critical bug affecting some commercial systems running Windows 11 that caused boot failures due to an "UNMOUNTABLEBOOTVOLUME" error. This issue was linked to problematic updates from December 2025 and primarily impacted devices on Windows 11 versions 25H2 and 24H2. The resolution was included in the February 2026 Patch Tuesday update, specifically the Windows 11 KB5077181 security update released on February 10, 2026. An initial fix was provided in the optional update KB5074105 on January 29, 2026. Affected devices experienced failures after installing the January 13, 2026, security update KB5074109. Microsoft recommends that enterprise customers with still unbootable systems contact Microsoft Support for Business for assistance.

Winsage

January 26, 2026

Microsoft releases second emergency Windows 11 update to fix Outlook crashes

Microsoft has released an out-of-band update to fix a critical bug causing Outlook to crash for Windows 11 users, following complications from the January 2026 Windows security update. The update addresses issues where applications became unresponsive or generated errors when opening or saving files in cloud-backed locations, particularly affecting PST files on OneDrive. This is Microsoft's second emergency patch this year, reflecting their commitment to urgent user concerns. Additionally, some Windows 11 devices experienced shutdown and hibernation issues, while users of Windows 10 and 11 faced login difficulties via remote connections. The update allows users to resolve these issues with a single installation, restoring application functionality.

Winsage

January 20, 2026

Microsoft issues emergency patch for latest Windows bugs

Microsoft released the January Patch Tuesday update on January 13, 2026, addressing over 110 security vulnerabilities. The update introduced bugs affecting Windows 11, Windows 10, and Windows Server. The first issue involves authentication failures when connecting to a Cloud PC via Remote Desktop, primarily affecting Windows 11 25H2, Windows 10 22H2 ESU, and Windows Server 2025. The second issue affects systems with Secure Launch enabled, causing unexpected restarts instead of shutting down or entering hibernation mode, specifically impacting Windows 11 23H2. Microsoft has released emergency patches for the affected versions, which include: - Windows 11, versions 25H2 and 24H2 (KB5077744) - Windows 11, version 23H2 (KB5077797) - Windows 10, version 22H2 ESU and Windows 10 Enterprise LTSC 2021 (KB5077796) - Windows Server 2025 (KB5077793) - Windows Server 2022 (KB5077800) - Windows Server 2019 and Enterprise LTSC 2019 (KB5077795)