Microsoft Windows lifecycle updates: Windows 11 optional update and paid Extended Security Updates for 2016-era products
Microsoft released an optional, non-security update for Windows 11 versions 25H2 and 24H2 (KB5077241), advancing OS builds to 26200.7922 and 26100.7922. Reported changes focus on functionality and reliability, including UI updates (e.g., redesigned battery icons and a refreshed Start menu experience), updates to Windows AI-related components, and a servicing stack update (SSU) KB5077371 intended to improve the robustness of future update installation; the rollout is described as phased/gradual before broader availability.
Separately, Microsoft outlined approaching end-of-support deadlines for Windows 10 Enterprise LTSB 2016, Windows 10 IoT Enterprise 2016 LTSB (both ending Oct 13, 2026), and Windows Server 2016 (ending Jan 12, 2027), after which only a paid Extended Security Updates (ESU) program can provide security patches for up to three additional years. Microsoft emphasized ESU provides security updates only (no new features, quality fixes, or technical support), with pricing starting at $61/device for year one (discounted to $45/device for Intune/Windows Autopatch-managed systems) and doubling each year; Windows Server 2016 ESU pricing was not disclosed, and Microsoft recommended upgrading to newer LTSC/LTS releases as the preferred path.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
5 events from the most recent confirmed update back to the earliest known activity.
Microsoft releases servicing stack update KB5077371
Alongside KB5077241, Microsoft released servicing stack update KB5077371, updating the servicing stack to version 26100.7911 to improve the reliability of future update installation. Microsoft said it was not aware of any issues with the release.
Microsoft releases optional KB5077241 update for Windows 11 25H2 and 24H2
Microsoft released optional non-security update KB5077241 for Windows 11 versions 25H2 and 24H2, raising build numbers to 26200.7922 and 26100.7922. The update adds functionality, performance, and reliability improvements, including redesigned battery icons, a refreshed Start menu rollout, and updated AI-related Windows components.
EEA Windows 10 ESU policy changed after Euroconsumers pressure
Microsoft changed its ESU policy in the European Economic Area after pressure from Euroconsumers, allowing Windows 10 users to receive ESU until 2026-10-14 without payment and without requiring Microsoft cloud backup of settings, apps, or credentials. The reference does not specify the exact date of the policy change.
Microsoft offers paid ESU program for affected Windows versions
Microsoft announced a paid Extended Security Updates program for the affected 2016 Windows products, allowing customers to buy up to three additional years of security updates after end of support. Pricing starts at $61 per device for year one, or $45 for devices managed through Microsoft Intune or Windows Autopatch, and doubles each year.
Microsoft announces end-of-support dates for 2016 Windows products
Microsoft said Windows 10 Enterprise LTSB 2016 and Windows 10 IoT Enterprise 2016 LTSB will reach end of support on 2026-10-13, while Windows Server 2016 will reach end of support on 2027-01-12. After those dates, the products will no longer receive security patches, fixes, updates, technical support, or documentation updates.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
2 references tracked. Mallory keeps watching after this page renders.
See the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Microsoft Windows lifecycle and update changes affecting Windows 10/Server 2016 and Windows 11
Microsoft is warning organizations that **Windows Server 2016**, **Windows 10 Enterprise LTSB 2016**, and **Windows 10 IoT Enterprise 2016 LTSB** are approaching end of support, after which they will no longer receive security patches, bug fixes, or technical support. Reported lifecycle dates include **October 13, 2026** for the Windows 10 2016 LTSB variants and **January 12, 2027** for Windows Server 2016; Microsoft’s guidance is to prioritize upgrades (e.g., to **Windows Server 2025** and Windows 10/11 LTSC options where hardware permits) and, if migration timelines slip, to use the **Extended Security Updates (ESU)** program as a short-term bridge for up to three years with only “critical” and “important” security updates. Separately, Microsoft released the **Windows 11 KB5077241** optional (non-security) preview cumulative update with 29 quality changes, including **BitLocker reliability** improvements (addressing freezes after entering a recovery key) and new built-in capabilities such as a taskbar **network speed test** and **native Sysmon functionality** (disabled by default). The update also enables **Quick Machine Recovery (QMR)** by default on certain unmanaged Windows Pro devices and is positioned for admin testing ahead of the next Patch Tuesday release, but it does **not** include security fixes.
Mar 21, 2026
Microsoft Extends Consumer Windows 10 ESU Coverage Through October 2027
Microsoft has extended the **consumer** Windows 10 Extended Security Updates (ESU) program by an additional year, allowing enrolled personal devices running Windows 10 `22H2` to continue receiving critical and important security updates until **October 12, 2027**. The change appeared in updated Microsoft documentation rather than a formal announcement, and applies to home-user systems after Windows 10 reached end of support in October 2025. Microsoft said users already enrolled in consumer ESU will receive the extension automatically with no further action required. Enrollment remains available through a Microsoft account settings sync, **1,000 Microsoft Rewards points**, or a **$30** one-time fee, while eligibility is limited to personal devices and excludes domain-joined or MDM-managed systems. The extension preserves access to monthly security fixes, including updates such as Secure Boot certificate-related patches, for users who have not yet migrated to Windows 11.
Jun 26, 2026
Windows 11 25H2/24H2 Preview Updates Add AI Features and Flag Secure Boot Certificate Expiration
Microsoft began rolling out **Windows 11 preview updates** for versions **25H2 and 24H2** (including the optional non-security preview update `KB5074105` and Release Preview builds `26200.7701`/`26100.7701`) focused on functionality, performance, and reliability improvements rather than patching new security vulnerabilities. The updates emphasize expanded **AI-driven experiences** (including refinements to Copilot+ PC-related models and more natural-language assistance within Settings), along with usability changes and a simplified Windows update title format intended to reduce administrative friction in tools like **WSUS** and **Microsoft Configuration Manager**. Alongside these feature updates, Microsoft highlighted an operational security risk: **Windows Secure Boot certificates** used by most Windows devices are expected to begin expiring in **June 2026**, and organizations that do not update Certificate Authority (CA) material in time may face devices that cannot boot securely. Separately, consumer guidance circulated on bypassing Windows 11 hardware eligibility checks (notably **TPM 2.0** requirements) to upgrade “unsupported” PCs; while this may extend device usability after Windows 10 support ended, it can also undermine Microsoft’s intended security baseline and increase enterprise risk if adopted outside controlled policy.
Mar 21, 2026