Microsoft ships Windows 11 KB5083769 and KB5082052 with RDP and BitLocker fixes
Microsoft released mandatory Windows 11 cumulative updates KB5083769 for versions 25H2/24H2 and KB5082052 for 23H2, delivering April Patch Tuesday security fixes alongside reliability and feature improvements. The 25H2 and 24H2 releases share the same changes because both are based on 24H2, and the update moves those branches to builds 26200.8246 and 26100.8246. Microsoft said the packages include protections against phishing through malicious .rdp files, Secure Boot certificate management improvements, and a fix for an issue that had pushed some systems into BitLocker Recovery after Secure Boot updates; the release also bundles servicing stack update KB5088467.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
3 events from the most recent confirmed update back to the earliest known activity.
Microsoft deploys server-side fix for KB5083769 BitLocker recovery issue
By 2026-04-19, Microsoft said it had already rolled out a server-side fix for the Windows 11 KB5083769 issue that could trigger BitLocker recovery prompts on a limited set of devices with a specific unrecommended Group Policy configuration. The company continued investigating separate reports that the update required multiple reboots or failed to install on some systems.
Microsoft discloses fixes and one known BitLocker-related issue
With the release, Microsoft detailed improvements including stronger protections against malicious .rdp phishing files, Secure Boot certificate management changes, a fix for some BitLocker Recovery boot issues, and reliability fixes across File Explorer, display handling, Remote Desktop, audio, and other components. Microsoft also noted a known issue where devices with an unrecommended BitLocker Group Policy configuration may require a recovery key after installation.
Microsoft releases April 2026 Windows 11 Patch Tuesday updates
On 2026-04-14, Microsoft released the mandatory April 2026 cumulative updates for Windows 11, including KB5083769 for versions 25H2/24H2 and KB5082052 for version 23H2. The updates included security fixes, bug fixes, feature improvements, and bundled servicing stack update KB5088467 for affected builds.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
6 references tracked. Mallory keeps watching after this page renders.
No, Windows 11 KB5083769 is not causing BSODs or death loops, and you don't have to remove the update
windowslatest.com
Open sourceMacrium Reflect VSS problems after KB5083769 Windows 11 25H2 : r/macrium
reddit.com
Open sourceMicrosoft confirms Windows 11 KB5083769 issues, BitLocker alert on a few PCs, and multiple reboots for installation
windowslatest.com
Open sourceMicrosoft Releases Cumulative Update KB5083769 for Windows 11, Version 25H2 and 24H2
cybersecuritynews.com
Open sourceWindows 11 cumulative updates KB5083769 & KB5082052 released
bleepingcomputer.com
Open sourceApril 14, 2026-KB5083769 (OS Builds 26200.8246 and 26100.8246) - Microsoft Support
support.microsoft.com
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
October 2025 Windows 11 Security and Feature Updates Deployment
Microsoft released cumulative updates KB5066835 and KB5066793 for Windows 11 versions 25H2/24H2 and 23H2 as part of the October 2025 Patch Tuesday. These updates are mandatory and address a range of security vulnerabilities discovered in previous months, ensuring that systems remain protected against the latest threats. The updates can be installed automatically through Windows Update or manually via the Microsoft Update Catalog, providing flexibility for both end users and enterprise administrators. After installation, the build numbers for Windows 11 25H2 and 24H2 are updated to Build 26200.6899 and 26100.6899, respectively, while 23H2 is updated to 226x1.6050. This release marks the first Patch Tuesday update for version 25H2, which shares its codebase with 24H2, resulting in identical fixes and improvements across both versions. Notably, this is the penultimate update for Windows 11 23H2, as its support is scheduled to end in November 2025. The update resolves several issues, including a bug that caused the print preview screen to freeze in Chromium-based browsers, and a problem where apps and games became unresponsive if users signed in with only a Gamepad at the lock screen. PowerShell Remoting and Windows Remote Management (WinRM) timeouts have been addressed, improving reliability for remote administration tasks. An issue preventing audit events from being logged has also been fixed, enhancing system monitoring and compliance. The update improves the setup process for Windows Hello face recognition, particularly when using USB infrared camera modules, ensuring smoother biometric authentication. Microsoft emphasizes the importance of keeping security intelligence up to date in its antimalware products, such as Microsoft Defender Antivirus, to maintain robust protection against evolving threats. Security intelligence updates are delivered automatically via Windows Update, but users and administrators can also trigger manual updates to ensure immediate coverage. These updates leverage cloud-based protection and AI-enhanced detection to rapidly identify and mitigate new malware and attack techniques. Microsoft provides troubleshooting resources for users experiencing issues with automatic updates, ensuring that security patches and intelligence updates are applied promptly. The integration of third-party materials in security intelligence updates is disclosed, maintaining transparency in the update process. Overall, the October 2025 Patch Tuesday updates represent a comprehensive effort by Microsoft to address security vulnerabilities, improve system stability, and enhance user experience across supported Windows 11 versions.
Mar 21, 2026
Microsoft expands Secure Boot fixes as Windows updates hit install and recovery issues
Microsoft released the June cumulative update `KB5093998` for Windows 11 23H2 with security fixes, broader Secure Boot certificate rollout support, and a new Group Policy/MDM option to limit Secure Boot service data sent to Microsoft. The update also fixes a known issue that could force some devices into **BitLocker Recovery** after boot file updates, while CERT/CC and Microsoft separately published advisories on a Secure Boot bypass affecting Microsoft-signed UEFI shim bootloaders, tracked as `CVE-2026-44815`. At the same time, Microsoft warned that some PCs upgraded from Windows 10 21H2/22H2 or Windows 11 23H2 to Windows 11 24H2 or 25H2 may fail to install the June 2026 cumulative updates, showing errors `0x80073712` or `0x800f0993` because of package and component store issues. Microsoft said an automatic fix is rolling out for unmanaged enterprise and Home devices after restart, while already affected systems may require removing a problematic package with DISM or performing an in-place upgrade; separate reporting also said recent HP BIOS updates and Dell SupportAssist software caused BitLocker loops and BSODs that were initially blamed on Windows but traced to OEM firmware and utilities.
Jun 17, 2026
Microsoft March Patch Tuesday Ships 83 Fixes and Windows 11 Cumulative Updates
Microsoft’s March Patch Tuesday security release shipped fixes for **83 vulnerabilities** across its enterprise software and services, and was notable for having **no actively exploited zero-days** for the first time in six months. Microsoft flagged **six** vulnerabilities as “more likely to be exploited,” and noted two issues—`CVE-2026-21262` and `CVE-2026-26127`—were **publicly known** at release. Researchers highlighted an Excel information-disclosure issue, `CVE-2026-26144`, describing a scenario where an attacker could potentially induce a *Copilot Agent* to exfiltrate data in a **zero-click** style workflow, and also pointed to Office flaws `CVE-2026-26110` and `CVE-2026-26113` (CVSS 8.4) that could enable **arbitrary code execution** via the Office preview pane. Microsoft also released **mandatory Windows 11 cumulative updates** `KB5079473` (25H2/24H2) and `KB5078883` (23H2) that incorporate the March 2026 Patch Tuesday security fixes, along with additional non-security changes. The updates advance build numbers to **26200.8037/26100.8037** (25H2/24H2) and **22631.6783** (23H2), expand “high-confidence device targeting” to increase coverage for automatic delivery of new **Secure Boot certificates**, and include reliability improvements such as better File Explorer search across drives and changes to **Windows Defender Application Control (WDAC)** behavior for COM objects (policy listing support).
Mar 30, 2026