Security & Infrastructure Tools
Microsoft Releases Windows 10 KB5078885 Extended Security Update – Fixes Zero‑Days and Device Shut‑Down Issue
Microsoft released Windows 10 KB5078885, an extended security update that fixes 79 vulnerabilities—including two zero‑day exploits—and resolves issues such as devices unable to shut down or hibernate with Secure Launch enabled, folder renaming problems, and GPU stability bugs. The update updates Windows 10 to build 19045.7058 (or 19044.7058 for Enterprise LTSC 2021) and is available via the standard Update mechanism for users in the ESU program. It also continues the rollout of new Secure Boot certificates to replace expiring ones, ensuring ongoing boot security.
Microsoft has rolled out the Windows 10 KB 5078885 extended security update on March 10 2026, addressing the Patch Tuesday vulnerabilities that included two actively exploited zero‑day flaws and a critical issue that prevented certain devices from shutting down or entering hibernation.
If you’re running Windows 10 Enterprise LTSC or are part of the Extended Security Update (ESU) program, simply open Settings → Windows Update and click Check for Updates to install this patch. Once applied, Windows 10 will upgrade to build 19045.7058, while the 2021 Enterprise LTSC version moves to 19044.7058.
What’s in KB 5078885?
Unlike previous releases, Microsoft is no longer adding new features for Windows 10; this update contains only security and bug fixes from earlier cumulative updates. The patch covers a wide range of issues:
- Windows System Image Manager: A warning dialog now alerts users when selecting catalog files that may come from untrusted sources.
- File History: Improved handling of backup files, allowing new files with certain Chinese or Private Use Area characters to be backed up correctly.
- Graphics: Stabilization fixes for specific GPU configurations that caused crashes or performance issues.
- Secure Boot: Enhanced targeting data ensures a broader set of devices receive updated Secure Boot certificates automatically. This rollout is phased and relies on successful update signals from the device.
- Fonts: Adjustments to Chinese fonts to comply with GB18030‑2022A standards.
- OS Security (known issue): Fixes the problem where PCs capable of Secure Launch and Virtual Secure Mode (VSM) would restart instead of shutting down or hibernating after installing security updates released on or after January 13, 2026.
- Folders: Resolved an issue with folder renaming that ignored the
LocalizedResourceNamesetting in desktop.ini files, restoring custom folder names in File Explorer.
Additional Security Measures
Microsoft continues to roll out new Secure Boot certificates to replace older ones from 2011 that expire in June 2026. These certificates validate Windows boot components and third‑party bootloaders; expired certificates could allow threat actors to bypass security protections. The rollout ensures a smooth transition without compromising system integrity.
Summary
KB 5078885 addresses 79 vulnerabilities identified on Patch Tuesday, including two zero‑day flaws. It provides critical fixes for shutdown/hibernation failures, enhances Secure Boot coverage, and updates font compliance. No known issues remain with the update, so all Windows 10 Enterprise LTSC users should install it promptly to maintain optimal security posture.