Microsoft has released the Windows 10 KB5082200 extended security update, addressing 167 vulnerabilities including 2 zero-days, while introducing new Remote Desktop phishing protections and Secure Boot certificate rollout monitoring.
Microsoft has released the Windows 10 KB5082200 extended security update to fix the April 2026 Patch Tuesday vulnerabilities, including 2 zero-days. This update brings some interesting changes, including new Remote Desktop Protocol file phishing protections and new Windows Security indicators that provide the status of the rollout of new Secure Boot certificates.
If you are running Windows 10 Enterprise LTSC or are enrolled in the ESU program, you can install this update as usual by going into Settings, clicking on Windows Update, and manually performing a 'Check for Updates.'

After installing this update, Windows 10 will be updated to build 19045.7184, and Windows 10 Enterprise LTSC 2021 will be updated to build 19044.7184.
What's new in Windows 10 KB5082200
Microsoft is no longer releasing new features for Windows 10, and the KB5082200 update primarily contains security updates and bug fixes. With today's April 2026 Patch Tuesday, Microsoft has fixed 167 vulnerabilities, including two zero-day flaws.
The complete list of fixes is below:
Sign-In
Fixed: After you install the Windows update released on or after March 10, 2026, some users might experience an issue signing in to apps with a Microsoft account. Even when the device has a working Internet connection, a "no Internet" error appears during sign in and prevents access to Microsoft services and apps such as Microsoft Teams.
Remote Desktop
This update improves protection against phishing attacks that use Remote Desktop (.rdp) files. When you open an .rdp file, Remote Desktop shows all requested connection settings before it connects, with each setting turned off by default. A one-time security warning also appears the first time you open an .rdp file on a device.
For more information, see Understanding security warnings when opening Remote Desktop (RDP) files.
Secure Boot
This update enables dynamic status reporting for Secure Boot states in the Windows Security App (Settings > Update & Security > Windows Security). Learn more about the status alerts via badges and notifications.
Note that these enhancements are disabled by default on commercial devices and servers.
This update fixes an issue that could cause a device to enter BitLocker Recovery after Secure Boot updates. With this update, Windows quality updates include additional high confidence device targeting data, increasing coverage of devices eligible to automatically receive new Secure Boot certificates. Devices receive the new certificates only after demonstrating sufficient successful update signals, maintaining a controlled and phased rollout.
As explained in the changelog above, this update fixes a longstanding issue that causes some Intel-based devices that support Connected Standby to enter the BitLocker recovery screen when restarted.
Microsoft is also continuing to roll out new Secure Boot certificates to replace older 2011 certificates that expire in June 2026. With this update, Windows users can go into Windows Security to check the status of this rollout.
Microsoft states that there are no known issues with this update.
Enhanced Security Features
The new Remote Desktop phishing protections represent a significant security improvement for organizations that frequently use .rdp files for remote access. By requiring users to explicitly review and enable connection settings, Microsoft is closing a potential attack vector that could have allowed malicious actors to configure remote connections with elevated privileges or to untrusted servers.
Security researchers have long warned about the dangers of .rdp files, which can contain embedded credentials and connection parameters. The new security warning system will help users make more informed decisions about remote connections, particularly when dealing with files received via email or other untrusted sources.
Secure Boot Certificate Management
The addition of Secure Boot status reporting in Windows Security provides administrators with better visibility into the certificate replacement process. This is particularly important as Microsoft phases out older Secure Boot certificates that are approaching their expiration date.
The controlled rollout approach, which requires devices to demonstrate successful update signals before receiving new certificates, helps ensure a smooth transition and minimizes the risk of boot failures. This phased deployment strategy is especially critical for enterprise environments where boot failures could lead to significant downtime.
Installation and Deployment
For organizations running Windows 10 Enterprise LTSC or participating in the Extended Security Updates (ESU) program, this update should be deployed according to standard patch management procedures. The update is available through Windows Update, and administrators can also download it directly from the Microsoft Update Catalog.
Given the security-critical nature of the fixes included in this update, particularly the two zero-day vulnerabilities, organizations are advised to prioritize deployment, especially for systems that are exposed to external networks or handle sensitive data.
Related Security Updates
This release follows Microsoft's pattern of monthly security updates, which continue to be a critical component of Windows security even as the operating system reaches end-of-life status. Organizations still running Windows 10 should ensure they have proper ESU licensing in place to continue receiving these important security updates.
For more information about Microsoft's security update release schedule and supported versions, visit the Microsoft Security Update Guide.
