Patchday: Windows 10/11 Updates (May 13,  2025)

Posted on 2025-05-14 by guenni

Windows[German]On May 13 (second Tuesday of the month, Patchday at Microsoft), Microsoft released cumulative updates for the still supported client operating system versions of Windows 10 and Windows 11. Here are some details about these updates, which are intended to fix vulnerabilities and problems.

Advertising

Updates f0r Windows 11

A list of Windows 11 updates can be found on this Microsoft website. I have extracted the details below. Microsoft is now providing the following updates for the Windows 11 version mentioned above.

Update KB5058411 for Windows 11 24H2

Cumulative Update KB5058411 contains quality improvements and security patches. This update makes various security improvements to internal operating system functions (see Microsoft Security Update Summary (May 13, 2025)). Microsoft lists some details on fixes (microphone, eye controller) in the support article. Further details can be found in the preview update of the previous month (see Windows 10/11: Preview Updates April 22 and 25, 2025).

This update is automatically downloaded and installed by Windows Update, but is also available in the Microsoft Update Catalog and via WSUS and WUfB. The Windows 11 Servicing Stack Update is integrated in the patch. Any issues caused by the update are listed in the support article.

Important: Prerequisite for installation is that the CheckPoint update KB5043080 from September 10, 2024 is installed (see also my article Windows 11 24H2: Update KB5051987 fails with installation error 0x800F0838 from February 2025).

Update KB5058405 for Windows 11 22H2-23H2

Cumulative Update KB5058405 contains quality improvements and security patches. This update makes various security improvements to internal operating system functions (see Microsoft Security Update Summary (May 13, 2025)). Microsoft lists the following fixes:

  • [Secure Boot Advanced Targeting (SBAT) and Linux Extensible Firmware Interface (EFI)] This update applies improvements to SBAT for the detection of Linux systems.
  • [Windows Update] Fixed: This update addresses an issue where you might be unable to update to Windows 11, version 24H2 via WSUS. The download might not start or complete, showing error code 0x80240069 and logs with "Service has unexpectedly stopped".

This update is automatically downloaded and installed by Windows Update, but is also available in the Microsoft Update Catalog and via WSUS and WUfB. The Windows 11 Servicing Stack Update is integrated in the patch. Any problems caused by the update, if known, are listed in the support article.

Advertising

Windows 11 version 22H2 Home and Pro are no longer supported. The Enterprise and Education versions will continue to receive security updates.

Updates for Windows 10

A list of the updates can be found on this Microsoft website. I have extracted the details below.

Update KB5058379 for Windows 10 Version 21H2 – 22H2

Cumulative Update KB5058379 contains security fixes that are mentioned in the article Microsoft Security Update Summary (May 13, 2025). In version 21H2, only the Enterprise, Education and IoT versions are still supported. The update also includes the following fix:

[Secure Boot Advanced Targeting (SBAT) and Linux Extensible Firmware Interface (EFI)] This update applies improvements to SBAT for the detection of Linux systems.

Microsoft also points out that this update makes quality improvements to the Servicing Stack (responsible for Microsoft updates). This update is automatically downloaded and installed by Windows Update, but is also available in the Microsoft Update Catalog and via WSUS and WUfB. Please note the information on installation (provided SSU) and any known problems (e.g. in Citrix environments) described in the support article.

Update KB5058392 for Windows 10 Enterprise 2019 LTS

Cumulative Update KB5058392 (is sorted under Windows 10 v1809, but refers to Windows 10 2019 Enterprise LTSC and IoT Enterprise LTSC) and includes unspecified security fixes mentioned in the blog post Microsoft Security Update Summary (May 13, 2025). The following improvements are also included:

  • [OS Security] Updates to the Windows Kernel Vulnerable Driver Blocklist (DriverSiPolicy.p7b). Additions have been made to blocklist drivers with security vulnerabilities that have been used in Bring Your Own Vulnerable Driver (BYOVD) attacks.
  • [GRFX-Graphics] This update addresses an issue causing an error message on a blue screen particularly in cases linked to recent GDI updates with CHS GB18030-2022 fonts. Corruption occurs while the associated thread remains active, leading to an error message.
  • [Secure Boot Advanced Targeting (SBAT) and Linux Extensible Firmware Interface (EFI)] This update applies improvements to SBAT for the detection of Linux systems.

The update is automatically downloaded and installed by Windows Update, but is also available in the Microsoft Update Catalog, via WSUS and WUfB. Microsoft has also updated the Service Stack Update (SSU). Please note the installation requirements described in the support article and information on possible problems (e.g. Citrix).

Updates for Windows 10 1507 and 1607

Updates for the Enterprise LTSC versions are available for Windows 10 RTM and version 1607. These updates are automatically downloaded and installed by Windows Update, but are available for download in the Microsoft Update Catalog (search for the KB number). The latest Servicing Stack Update (SSU) must be installed before manual installation. Details can be found in the respective KB article.

  • Windows 10 Version 1607: Update KB5058383 is only available for Enterprise LTSC and Windows Server 2016. The update addresses security issues and contains a fix "Secure Boot Advanced Targeting (SBAT) and Linux Extensible Firmware Interface (EFI)".
  • Windows 10 Version 1507: UpdateKB5058387 is available (since April 9, 2025) for the RTM version (LTSC). The update addresses security issues and contains a fix "Secure Boot Advanced Targeting (SBAT) and Linux Extensible Firmware Interface (EFI)".

The installation requirements and any known problems listed in the support articles must also be taken into account for these two updates.

There was no update for the remaining Windows 10 versions, as these versions are no longer supported. If in doubt, details on the above updates can be found in the respective Microsoft KB articles.

Similar articles:
Microsoft Security Update Summary (May 13, 2025)
Patchday: Windows 10/11 Updates (May 13,  2025)
Patchday: Windows Server-Updates (May 13,  2025)
Patchday: Microsoft Office Updates (May 13, 2025)

Windows 10/11: Preview Updates April 22 and 25, 2025

Advertising
This entry was posted in Security, Update, Windows and tagged , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).