Microsoft fixed 120 vulnerabilities as part of the May 2026 Patch Tuesday and shipped an extended security update for Windows 10 — KB5087544 — that also addresses newly reported Remote Desktop rendering problems and changes how Secure Boot state and certificates are handled.
What KB5087544 delivers
KB5087544 is an extended security update for Windows 10 that Microsoft describes as primarily containing security updates and bug fixes. After installing the patch, systems will report updated build numbers: Windows 10 moves to build 19045.7291, and Windows 10 Enterprise LTSC 2021 moves to build 19044.7291. Microsoft notes it is no longer releasing new features for Windows 10; this release focuses on fixes tied to the May 2026 Patch Tuesday cycle, which corrected 120 vulnerabilities.
Installation path for eligible systems
Systems running Windows 10 Enterprise LTSC or enrolled in the Extended Security Updates (ESU) program can install KB5087544 through the standard Windows Update workflow: open Settings, click Windows Update, and perform a manual "Check for Updates." The update is distributed as a quality/security rollup rather than a feature release.
Remote Desktop warning dialog rendering fixed
One bug that KB5087544 explicitly addresses is how the Remote Desktop Connection security warning dialog renders in certain multi-monitor setups. Microsoft says the dialog "might render incorrectly in multi-monitor configurations with different display scaling settings." That condition could occur after installing a Windows security update released on April 14, 2026, which the changelog references as KB5087544.
Secure Boot: status reporting, targeted certificates, and phased rollout
The update enables dynamic status reporting for Secure Boot states within the Windows Security app. It also updates how Windows quality updates carry "additional high confidence device targeting data," which Microsoft says increases the coverage of devices eligible to automatically receive new Secure Boot certificates. Devices will receive the new certificates only after demonstrating "sufficient successful update signals," a gating mechanism Microsoft describes as maintaining a controlled and phased rollout.
BitLocker recovery prompts: known issue and temporary workaround
Microsoft warns of a known issue where Windows may prompt users to enter their BitLocker recovery key after installing recent updates. The problem affects systems configured with a specific BitLocker Group Policy that includes PCR7 in the TPM validation profile, combined with several Secure Boot and boot manager conditions tied to the newer Windows UEFI CA 2023 certificate.
- Microsoft's temporary workaround is explicit: remove the affected Group Policy setting, then suspend and resume BitLocker so the system regenerates the default PCR bindings.
- Microsoft states it is working on a permanent fix while the workaround is recommended in the interim.
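The suspend-and-resume step of that workaround can be scripted with a before-and-after record of the PCR profile bound to the TPM protector. The PowerShell below is an added example, not code from Microsoft or the original advisory; it assumes the OS volume is C:, that manage-bde prints English output, and that the affected Group Policy setting has already been removed and policy refreshed.

```powershell
#Requires -RunAsAdministrator
# Added example. Assumptions: OS volume is C:, manage-bde output is English,
# and the PCR7 Group Policy setting is already removed and refreshed.
$MountPoint = 'C:'

function Get-PcrValidationProfile {
    param([Parameter(Mandatory)][string]$MountPoint)
    # manage-bde lists the PCR indices after "PCR Validation Profile:" for the TPM protector.
    $text = (& manage-bde.exe -protectors -get $MountPoint 2>&1 | Out-String)
    if ($text -match 'PCR Validation Profile:\s*([\d,\s]+)') {
        return @($Matches[1] -split '[,\s]+' | Where-Object { $_ } | ForEach-Object { [int]$_ })
    }
    return @()   # no TPM protector found, or output not in the expected form
}

$vol = Get-BitLockerVolume -MountPoint $MountPoint

# Refuse to touch protectors unless protection is on and a recovery password exists.
if ($vol.ProtectionStatus -ne 'On') {
    throw "BitLocker protection is not on for $MountPoint; nothing to re-seal."
}
if (-not ($vol.KeyProtector | Where-Object KeyProtectorType -eq 'RecoveryPassword')) {
    throw "No recovery password protector on $MountPoint; add and escrow one first."
}

$before = Get-PcrValidationProfile -MountPoint $MountPoint
Write-Host "PCR profile before: $($before -join ', ')"

# RebootCount 0 keeps protection suspended until Resume-BitLocker is called explicitly.
Suspend-BitLocker -MountPoint $MountPoint -RebootCount 0 | Out-Null
Resume-BitLocker  -MountPoint $MountPoint | Out-Null

$after  = Get-PcrValidationProfile -MountPoint $MountPoint
$status = (Get-BitLockerVolume -MountPoint $MountPoint).ProtectionStatus
Write-Host "PCR profile after:  $($after -join ', ')"
Write-Host "Protection status:  $status"

if ($status -ne 'On') {
    Write-Warning "Protection did not return to On; resume manually before rebooting."
}
```

Keep the printed before and after profiles with the change record so a later recovery prompt can be compared against what the volume was actually sealed to.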
What this means for technologists, procurement leaders, and end users
- Technologists and security teams: Deploy KB5087544 to eligible Enterprise LTSC and ESU machines through your normal update channels, and prepare to apply the recommended workaround on systems that use PCR7 in TPM validation profiles if BitLocker recovery prompts occur.
- Procurement and device-management leaders: Note that quality updates now include additional device-targeting telemetry to broaden eligibility for Secure Boot certificate updates; devices will only receive new certificates after "sufficient successful update signals," so expect a phased, signal-driven rollout across your fleet.
- End users and administrators: If you encounter a BitLocker recovery prompt after recent updates, follow the stated workaround — removing the specific Group Policy setting and suspending/resuming BitLocker — and consult your organization's update policy before making Group Policy changes. Eligible systems can obtain the update by checking Windows Update in Settings.
KB5087544 bundles a large security fix set with a handful of sensitive operational changes (Secure Boot certificate handling and a BitLocker policy interaction), both of which require attention from administrators. For eligible installations the path is straightforward via Windows Update; for organizations that use PCR7 in TPM validation or have complex boot configurations, the temporary workaround should be applied carefully while Microsoft prepares a permanent correction.
Read the original advisory and changelog at BleepingComputer: https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-10-kb5087544-extended-security-update/




