Windows 10 Extended Security Updates and Installation Issues
Microsoft has extended free security updates for Windows 10 users until October 2026, allowing personal devices to continue receiving critical patches beyond the official end-of-support date. To access these updates, users must enroll their devices with a Microsoft account, and those in the European Economic Area automatically qualify. This extension is particularly beneficial for users whose PCs are not eligible for a Windows 11 upgrade, ensuring continued protection against vulnerabilities for millions of devices.
However, the rollout of the first Extended Security Update (ESU), KB5068781, has encountered technical issues for some business users. Devices activated via Windows subscription through the Microsoft 365 Admin Center are experiencing installation failures with error code 0x800f0922, causing the update to roll back after a restart. Microsoft has acknowledged the problem and is investigating, but no workaround or estimated fix date has been provided. Some organizations have also reported that not all eligible devices are being offered the update, complicating patch management for enterprise environments.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
4 events from the most recent confirmed update back to the earliest known activity.
Microsoft releases KB5072653 out-of-band update to fix ESU install errors
Microsoft released the out-of-band Windows 10 update KB5072653 to address the ESU installation problems tied to KB5068781. Multiple reports on November 17, 2025 described the update as the fix for the earlier install failures.
Microsoft confirms it is investigating the Windows 10 ESU update issue
Microsoft said it was investigating installation failures affecting some Windows 10 devices using Windows subscription activation through the Microsoft 365 Admin Center. At the time, the company had not provided a workaround or an ETA for a fix.
Admins report KB5068781 install failures and detection issues on some licensed devices
After deployment, some corporate administrators found that KB5068781 appeared to install but rolled back after reboot with error 0x800f0922. Others also reported that some properly licensed Windows 10 devices were not detecting that they needed the ESU update.
Microsoft releases Windows 10 ESU update KB5068781 on Patch Tuesday
Microsoft released KB5068781 on November 11, 2025 as the first Windows 10 Extended Security Updates (ESU) security update. The update was intended for eligible corporate-licensed Windows 10 devices.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
4 references tracked. Mallory keeps watching after this page renders.
You can still get free Windows 10 security patches - here's how until October 2026
zdnet.com
Open sourceMicrosoft: Windows 10 KB5072653 OOB update fixes ESU install errors
bleepingcomputer.com
Open sourceMicrosoft fixes Windows 10 update flaw
csoonline.com
Open sourceMicrosoft: Windows 10 KB5068781 ESU update may fail with 0x800f0922 errors
bleepingcomputer.com
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Windows 10 Extended Security Updates Program and Support Messaging Bug
Microsoft has introduced the Windows 10 Extended Security Updates (ESU) program, allowing eligible consumer users to receive an additional year of security updates after official support for Windows 10 ended. The ESU can be accessed for free by using Windows Backup, redeeming Microsoft Rewards points, or through a one-time purchase, with special provisions for users in the European Economic Area. The program is limited to up to 10 devices per user and is not available for corporate or commercial licenses, requiring devices to run at least version 22H2 and be linked to an administrator Microsoft account. Following the October 2025 updates, a bug has caused some Windows 10 systems—including those enrolled in the ESU program and those running supported LTSC editions—to display incorrect end-of-support warnings. Microsoft clarified that this is a cosmetic issue and does not affect the delivery of security updates. A cloud configuration update has been deployed to address the erroneous messages, but some devices may require manual intervention using Group Policy and Known Issue Rollback. A permanent fix is planned for a future Windows update.
Mar 21, 2026
Windows 10 Extended Security Update Enrollment and Support Bug Fixes
Microsoft released emergency and cumulative updates to address critical issues affecting Windows 10 systems eligible for Extended Security Updates (ESU) following the operating system's official end of support. A significant bug prevented some Windows 10 PCs from enrolling in the ESU program, thereby blocking them from receiving essential security updates. To resolve this, Microsoft issued update KB5071959, which fixes the ESU enrollment wizard failure, and made it available to all Windows 10 22H2 systems. Additionally, the first ESU update, KB5068781, was released to provide ongoing security coverage for enrolled devices. These updates ensure that eligible users can continue to receive security patches and maintain system protection. Another issue addressed was a cosmetic bug that caused false "end of support" alerts on Windows 10 devices still under active support or enrolled in the ESU program. Microsoft resolved this with a cloud configuration update and the KB5068781 cumulative update, ensuring that users with valid ESU licenses or supported LTSC versions no longer see erroneous warnings. These actions are part of Microsoft's broader effort to support users transitioning from Windows 10, providing clear communication and technical fixes to maintain security during the extended support period.
Mar 21, 2026
Microsoft Extends Consumer Windows 10 ESU Coverage Through October 2027
Microsoft has extended the **consumer** Windows 10 Extended Security Updates (ESU) program by an additional year, allowing enrolled personal devices running Windows 10 `22H2` to continue receiving critical and important security updates until **October 12, 2027**. The change appeared in updated Microsoft documentation rather than a formal announcement, and applies to home-user systems after Windows 10 reached end of support in October 2025. Microsoft said users already enrolled in consumer ESU will receive the extension automatically with no further action required. Enrollment remains available through a Microsoft account settings sync, **1,000 Microsoft Rewards points**, or a **$30** one-time fee, while eligibility is limited to personal devices and excludes domain-joined or MDM-managed systems. The extension preserves access to monthly security fixes, including updates such as Secure Boot certificate-related patches, for users who have not yet migrated to Windows 11.
Jun 26, 2026