Microsoft releases Windows 10 KB5078885 extended security update
Source: Bleeping Computer
Microsoft has released the Windows 10 KB5078885 extended security update to fix the March 2026 Patch Tuesday vulnerabilities, including two zero‑days and an issue that prevents some devices from shutting down.
If you are running Windows 10 Enterprise LTSC or are enrolled in the ESU program, you can install this update as usual by going to Settings → Windows Update and manually performing a Check for Updates.
Source: BleepingComputer
After installing this update, Windows 10 will be updated to build 19045.7058, and Windows 10 Enterprise LTSC 2021 will be updated to build 19044.7058.
What’s new in Windows 10 KB5078885
Microsoft is no longer releasing new features for Windows 10, and the KB5078885 update contains only security fixes and bug fixes introduced by previous security updates.
With today’s March 2026 Patch Tuesday, Microsoft has fixed 79 vulnerabilities, including two actively exploited zero‑day flaws.
Fixes included
- Windows System Image Manager – Adds a warning dialog to help users confirm that the selected catalog file comes from a trusted source.
- File History – Improves backup of new files whose names contain certain Chinese and Private Use Area characters.
- Graphics – Improves stability for certain GPU configurations.
- Secure Boot – Includes additional high‑confidence device‑targeting data, increasing coverage of devices eligible to automatically receive new Secure Boot certificates. This targeting is based primarily on client device diagnostic data; servers are unlikely to qualify, though not explicitly excluded. Devices receive new certificates only after demonstrating sufficient successful update signals, maintaining a controlled and phased rollout.
- Fonts – Updates Chinese fonts to meet GB18030‑2022A compliance.
- OS Security (known issue) – Fixed: After installing the Windows security update released on or after January 13 2026, some Secure Launch‑capable PCs with Virtual Secure Mode (VSM) enabled were unable to shut down or enter hibernation; the device would restart instead.
- Folders – Fixes an issue that affected folder renaming with
desktop.inifiles in File Explorer. TheLocalizedResourceNamesetting was previously ignored, so custom folder names did not show. Custom folder names now appear as expected.
This update also resolves a known issue that prevented Windows 10 devices from shutting down or hibernating when System Guard Secure Launch is enabled (details).
Microsoft is continuing to roll out new Secure Boot certificates to replace older 2011 certificates that expire in June 2026. These certificates are used to validate Windows boot components, third‑party bootloaders, and Secure Boot revocation updates; if expired, they could allow threat actors to bypass security protections.
Microsoft states that there are no known issues with this update.