Microsoft has rolled out the Windows 10 KB5078885 extended security update, addressing vulnerabilities identified during the March 2026 Patch Tuesday. This update is particularly significant as it resolves two zero-day vulnerabilities and a critical issue that has been preventing certain devices from shutting down properly.
For users operating Windows 10 Enterprise LTSC or those enrolled in the ESU program, the installation process remains straightforward. Simply navigate to Settings, select Windows Update, and perform a manual ‘Check for Updates’.
Source: BleepingComputer
Upon successful installation, Windows 10 will be upgraded to build 19045.7058, while Windows 10 Enterprise LTSC 2021 will transition to build 19044.7058.
What’s new in Windows 10 KB5078885
As Microsoft has shifted its focus away from introducing new features for Windows 10, the KB5078885 update is exclusively dedicated to enhancing security and rectifying bugs from prior updates. This month, Microsoft has addressed a total of 79 vulnerabilities, including two that are actively being exploited.
The following is a summary of the key fixes included in this update:
- [Windows System Image Manager] A new warning dialog has been added to assist users in confirming that the selected catalog file originates from a trusted source.
- [File History] Enhancements have been made to File History in Control Panel, allowing for the backup of new files with names containing certain Chinese and Private Use Area characters.
- [Graphics] Improvements have been implemented to address stability issues affecting specific GPU configurations.
- [Secure Boot] The update introduces additional high-confidence device targeting data, enhancing the coverage of devices eligible for automatic receipt of new Secure Boot certificates. This rollout is based primarily on client device diagnostic data, with a controlled approach to ensure successful updates.
- [Fonts] Adjustments have been made to Chinese fonts to ensure compliance with GB18030-2022A standards.
- [OS Security (known issue)] A fix has been applied for Secure Launch-capable PCs with Virtual Secure Mode (VSM) enabled, which were previously unable to shut down or enter hibernation after installing the Windows security update released on or after January 13, 2026.
- [Folders] This update resolves an issue affecting folder renaming with desktop.ini files in File Explorer, ensuring that custom folder names are displayed correctly.
Additionally, this update rectifies a known issue that hindered Windows 10 devices from shutting down or hibernating when System Guard Secure Launch was enabled.
Microsoft is also in the process of deploying new Secure Boot certificates to replace older ones set to expire in June 2026. These certificates play a vital role in validating Windows boot components, third-party bootloaders, and Secure Boot revocation updates. Expired certificates could potentially expose systems to security risks.
At present, Microsoft has reported no known issues associated with this update.
