Microsoft has unveiled the Windows 10 KB5082200 extended security update, addressing vulnerabilities identified during the April 2026 Patch Tuesday, including two critical zero-day flaws. This update not only enhances security but also introduces notable features aimed at improving user experience.
Among the key enhancements are new protections against phishing attacks utilizing Remote Desktop Protocol (.rdp) files, as well as updated indicators within Windows Security that inform users about the rollout status of new Secure Boot certificates.
For those utilizing Windows 10 Enterprise LTSC or enrolled in the ESU program, installation is straightforward. Users can navigate to Settings, select Windows Update, and perform a manual ‘Check for Updates’ to access this latest update.
Source: BleepingComputer
Upon successful installation, Windows 10 will be upgraded to build 19045.7184, while Windows 10 Enterprise LTSC 2021 will transition to build 19044.7184.
What’s new in Windows 10 KB5082200
As Microsoft shifts its focus away from introducing new features for Windows 10, the KB5082200 update is primarily centered on security enhancements and bug fixes. This April 2026 Patch Tuesday has resolved a total of 167 vulnerabilities, including two significant zero-day issues.
The following is a detailed list of the fixes included in this update:
- [Sign-In] Resolved an issue where users might encounter difficulties signing into apps with a Microsoft account after installing updates released on or after March 10, 2026. This problem could lead to a “no Internet” error, hindering access to Microsoft services such as Microsoft Teams, despite having a functional Internet connection.
- [Remote Desktop] Enhanced protections against phishing attacks involving Remote Desktop (.rdp) files. Users will now see all requested connection settings before establishing a connection, with each setting disabled by default. Additionally, a one-time security warning will appear when opening an .rdp file for the first time on a device. For further details, refer to the guide on Understanding security warnings when opening Remote Desktop (RDP) files.
- [Secure Boot]
- This update introduces dynamic status reporting for Secure Boot states within the Windows Security App (Settings > Update & Security > Windows Security). Users can learn more about status alerts via badges and notifications, though these enhancements are disabled by default on commercial devices and servers.
- Addresses an issue that could lead to devices entering BitLocker Recovery following Secure Boot updates.
- Incorporates additional high-confidence device targeting data into Windows quality updates, thereby expanding the pool of devices eligible to automatically receive new Secure Boot certificates. These certificates will only be issued after devices demonstrate sufficient successful update signals, ensuring a controlled and phased rollout.
This update also resolves a persistent issue affecting certain Intel-based devices with Connected Standby capabilities, which previously faced the BitLocker recovery screen upon restart.
Furthermore, Microsoft is actively rolling out new Secure Boot certificates to replace older certificates from 2011, which are set to expire in June 2026. Users can check the status of this rollout within the Windows Security interface.
According to Microsoft, there are currently no known issues associated with this update.
