Microsoft Releases Cumulative Update for Windows 11, Version 25H2 and 24H2

Discover more VPN services Security awareness training Antivirus & Malware HomeCyber Security News Microsoft Releases Cumulative Update for Windows 11, Version 25H2 and 24H2 By Tushar Subhra Dutta May 13, 2026 Microsoft pushed out a significant cumulative update for Windows 11 on May 12, 2026, covering both version 25H2 and version 24H2. The update, identified as KB5089549, brings OS Builds 26200.8457 and 26100.8457 to users running these versions. It bundles the latest security fixes alongside quality improvements carried over from April’s optional preview release, making it one of the more complete monthly patches in recent memory. This update lands at a time when Windows security has been under sharp focus, particularly around how systems handle boot processes and certificate validation. A growing number of threat actors have explored weaknesses in Secure Boot configurations, making timely patching more important than ever. The update directly responds to those concerns by addressing known vulnerabilities and hardening areas that attackers have historically targeted. Microsoft engineers noted specific improvements designed to close gaps that surfaced after the April 2026 security update (KB5083769). One of the more notable fixes addresses a situation where devices running certain Trusted Platform Module (TPM) validation settings, including invalid PCR7 configurations, were being forced into BitLocker Recovery after boot file updates. Analysts at Microsoft confirmed this as a real-world issue affecting a subset of devices and moved quickly to correct it. Beyond the boot-related fix, the update also strengthens how Windows handles network discovery through the Simple Service Discovery Protocol (SSDP). A reliability improvement prevents the SSDP service from becoming unresponsive, which could otherwise disrupt device visibility across local networks. Network communication breakdowns can open indirect doors for attackers looking to exploit unstable or poorly managed services. The update also carries forward changes from the April 14 and April 30 preview builds, meaning users who skipped those optional releases will receive all those improvements now. Microsoft’s approach of combining the Latest Cumulative Update (LCU) and the Servicing Stack Update (SSU) into a single package makes the update process more seamless and reliable than previous cycles. Cumulative Update for Windows 11 The headline security improvement in this update is a refinement to how Secure Boot certificates are distributed. Windows quality updates now include higher-confidence device targeting data, meaning more devices qualify to receive updated Secure Boot certificates automatically. The rollout is controlled and phased, so certificates reach systems only after devices have shown consistent and successful update signals, which reduces the risk of pushing certificates to systems that may not be ready. The Boot Manager servicing update is another key change worth noting. Before this fix, certain devices would drop into BitLocker Recovery unexpectedly after boot file changes, particularly on systems where TPM validation settings did not align with expected configurations. This behavior was first reported following the April 2026 update, and KB5089549 specifically resolves it, allowing affected systems to start normally without triggering the recovery screen. AI Component Updates and Servicing Stack Alongside the security improvements, this release also refreshes several built-in AI components within Windows. Image Search, Content Extraction, Semantic Analysis, and the Settings Model have all been updated to version 1.2604.515.0 as part of this package. These components power various intelligent features within the OS, and keeping them current ensures they operate with the latest accuracy improvements. The servicing stack update (KB5092762), which ships as part of this combined package, moves the servicing stack to build 26100.8456. The servicing stack is the underlying mechanism that manages how Windows receives and installs updates, and keeping it current is critical to ensuring future patches arrive and apply correctly. Microsoft confirmed there are no known issues with this particular update at the time of release. Users are strongly advised to allow the update to install through Windows Update as soon as it becomes available. Attempting to remove the combined SSU and LCU package using the Windows Update Standalone Installer will not work because of how the two components are bundled together. If removal is ever necessary, the correct method is to use the DISM Remove-Package command and target only the LCU portion by name. Follow us on Google News, LinkedIn, and X to Get More Instant Updates, Set CSN as a Preferred Source in Google. Tags cyber security cyber security news Copy URL Linkedin Twitter ReddIt Telegram Tushar Subhra Dutta Tushar is a senior cybersecurity and breach reporter. He specializes in covering cybersecurity news, trends, and emerging threats, data breaches, and malware attacks. With years of experience, he brings clarity and depth to complex security topics. Trending News Critical Microsoft 365 Copilot Vulnerabilities Expose sensitive Information Škoda Security Incident Exposes Customers Data From Online Shop CISA Warns of Palo Alto PAN-OS Vulnerability Exploited to Gain Root Access Remus Infostealer Uses Lumma-Style Browser Key Theft and Application-Bound Encryption Bypass Critical Redis Vulnerabilities Enables Remote Code Execution Attacks Latest News Cyber Security News Microsoft Teams Vulnerability Allows Hackers to Perform Spoofing Attacks Cyber Security Microsoft Patch Tuesday May 2026 – 120 Vulnerabilities Fixed, Including 29 Critical RCE Flaws Cyber Security Fortinet Patches Five Vulnerabilities Across FortiAP, FortiOS, and Enterprise Products Cyber Security Critical Fortinet FortiSandbox Vulnerability Enables Code Execution Attacks Cyber Security News Open WebUI Vulnerability via File Upload Leads to 1-Click RCE Attack