Microsoft has released its latest security update for Windows 10, KB5071546, covering versions 22H2 (ESU) and 21H2 Enterprise LTSC 2021. This update continues extended servicing for organizations still operating Windows 10 and introduces several important security and reliability enhancements.
Microsoft is again advising administrators and users that Secure Boot certificates used by most Windows devices will begin expiring in June 2026. Secure Boot ensures that a system starts only with trusted software, and an expired certificate can interfere with protected boot operations.
To prevent disruptions, Microsoft recommends updating these certificates well in advance. Detailed preparation steps and updated certificate authority information are available in Microsoft’s Secure Boot documentation.
PowerShell 5.1 Hardening: Safer Script Execution
This cumulative update introduces a notable security enhancement to PowerShell 5.1:
Security Prompt Added to Invoke-WebRequest
PowerShell’s Invoke-WebRequest now includes a confirmation prompt when a script attempts to retrieve or execute content from the web.
This additional layer of verification—implemented as part of CVE-2025-54100—helps reduce the risk of unintentionally executing malicious or untrusted web-based scripts.
The change applies to both Windows 10 22H2 ESU and 21H2 LTSC.
Servicing Stack Enhancements
This update also includes the most recent Servicing Stack Update (SSU), which strengthens the underlying update infrastructure. Improvements in this release include:
- More reliable detection of Azure-hosted devices
- Updated certificate-chain validation used during update installation
- Overall stability improvements to support future updates
These enhancements help ensure smoother cumulative update installations and reduce the likelihood of update-related failures.
For most users, the update will install automatically through Windows Update or Microsoft Update
Administrators managing devices through enterprise deployment tools or custom offline images may have additional prerequisites and steps. Those scenarios apply primarily to IT-managed environments and are covered in Microsoft’s official documentation.
For the latest release information and technical details, visit the official update post here.
Leave a Reply