Microsoft has released its latest round of cumulative updates for March 2026, delivering essential security fixes and system improvements for Windows 11 users.
These mandatory updates target Windows 11 versions 25H2 and 24H2 (KB5079473) and version 23H2 (KB5078883), focusing on Secure Boot enhancements, system stability, and bug fixes.
Updates for Versions 25H2 and 24H2
The KB5079473 update brings several targeted improvements for the newest versions of Windows 11. This release upgrades system builds to 26200.8037 and 26100.8037.
Key changes in this update include:
- Secure Boot Enhancements: Microsoft is expanding its phased rollout of new Secure Boot certificates, targeting devices that have demonstrated successful update signals.
- File Explorer Fixes: The update resolves reliability issues when users search across multiple storage drives or use the “This PC” view.
- Windows Defender Application Control (WDAC): Microsoft fixed an issue where WDAC policies incorrectly blocked COM objects when endpoint security policies were stricter than allowlisting rules.
- AI Component Updates: Built-in AI features, including Image Search, Content Extraction, and Semantic Analysis, have been upgraded to version 1.2602.1451.0.
Updates for Version 23H2
For devices running Windows 11 version 23H2, the KB5078883 update applies security patches similar to those in previous updates, along with specific bug fixes.
Notable improvements include:
- New PowerShell Features: IT administrators can now use the Get-SecureBootUEFI -Decoded command to view Secure Boot keys in a readable format. A new Get-SecureBootSVN command allows users to check if their device’s firmware meets the latest Secure Boot policies.
- File History Reliability: Users backing up files with Chinese characters or Private Use Area characters will no longer experience failures in the Control Panel’s File History tool.
- Graphics Stability: This update prevents crashes and improves reliability during intensive graphics use, such as running 3D applications and video games.
- Font Updates: Microsoft has updated Windows fonts to display the new Saudi Riyal currency symbol correctly.
Both cumulative updates include important security and quality-of-life changes that apply across all supported Windows 11 versions.
Microsoft has improved the Windows System Image Manager to help administrators choose trusted catalog files.
The system will now display a warning dialog box requiring users to confirm that their selected file comes from a trusted source before proceeding.
Additionally, these releases include Servicing Stack Updates (SSUs). SSUs are critical components that manage the installation of Windows updates.
Updating the servicing stack ensures that devices can reliably receive and process future Microsoft patches.
These cumulative updates are available through standard release channels, including Windows Update, Windows Update for Business, the Microsoft Update Catalog, and Server Update Services. For most users, the update will download and install automatically.
Microsoft notes that because the latest Servicing Stack Update is combined with the cumulative update, users cannot remove the SSU once it is installed on the system.
System administrators who need to remove the cumulative update must use specific DISM command-line tools rather than the standard standalone installer.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
