Microsoft has taken swift action to address the challenges faced by users of Windows 10 with the release of an emergency out-of-band update, designated as KB5072653. This update aims to resolve persistent issues related to the installation of the November extended security updates, which have been a source of frustration for both individual and business customers.
As a reminder, Windows 10 reached its end of support on October 14, 2025, meaning that Microsoft no longer provides new features or free security updates. However, for those who wish to continue utilizing this operating system, the company offers extended security updates (ESU) as a viable option.
Consumers can access these extended security updates for an additional year through one of three methods: by paying , backing up their Windows settings to their Microsoft account, or redeeming 1,000 Microsoft reward points. For enterprise customers, the path is more structured, with the option to purchase an ESU license for three years, bringing the total cost per device to 7.
During the November Patch Tuesday, Microsoft rolled out the first Windows 10 extended security update. Unfortunately, many users encountered difficulties, with some devices not receiving the update as expected, while others faced installation errors marked by the code 0x800f0922 (CBSEINSTALLERS_FAILED).
Microsoft releases emergency fix
In response to these issues, Microsoft has introduced the “KB5072653 Extended Security Updates (ESU) Licensing Preparation Package.” This update is specifically designed to rectify the 0x800f0922 errors that have hindered users from successfully installing the ESU update.
A Microsoft support bulletin states, “The organizations affected by this issue can resolve it by installing KB5072653: Extended Security Updates (ESU) Licensing Preparation Package for Windows 10, which was released on November 17, 2025.” It further clarifies that once this preparation package is installed, users will be able to deploy the November 2025 security update (KB5068781).
To successfully install the update, devices must be running Windows 10 version 22H2 and have the October 2025 KB5066791 cumulative update already installed. Users can then check for new updates via Windows Update, where the KB5072653 will be automatically included.
Microsoft advises that after installing the KB5072653 update and restarting Windows, users should rerun Windows Update to ensure the successful installation of the November extended security update.
However, reports have surfaced from some corporate Windows administrators indicating that tools like WSUS and SCCM are not accurately reflecting the need for the extended security update on enrolled devices. In response, Microsoft has announced plans to release a new Scan Cab containing updated metadata for this update, which will enhance compliance update checks.
“A new Scan Cab including metadata for KB5072653 will be available in the near future for organizations that utilize cab files for compliance update checks. We will update this announcement once the new Scan Cab is available,” Microsoft explained.
For those seeking to deepen their understanding of modern patch management strategies and enhance their update workflows, BleepingComputer is hosting a December 2 webinar with Action1, offering valuable insights into effective practices in this critical area.
As budget season approaches, over 300 CISOs and security leaders have shared their planning, spending, and prioritization strategies for the upcoming year. This report compiles their insights, enabling readers to benchmark their strategies, identify emerging trends, and compare priorities as they prepare for 2026. Discover how top leaders are transforming investment into measurable impact.
