Skip to main content
Press slash or control plus K to focus the search. Use the arrow keys to navigate results and press enter to open a threat.
Reconnecting to live updates…

Microsoft releases Windows 10 KB5099539 extended security update

0
Medium
Vulnerabilitywindows
Published: 07/14/2026 (07/14/2026, 18:49:28 UTC)
Source: Bleeping Computer

Description

Microsoft released the Windows 10 KB5099539 extended security update, which includes the July 2026 Patch Tuesday fixes addressing 570 vulnerabilities, including two exploited and one publicly disclosed zero-day. This update is part of the extended security updates (ESU) program for Windows 10, now extended to October 12, 2027, for enrolled devices. It primarily contains security patches and bug fixes without new features, updating Windows 10 to build 19045.7548 and Windows 10 Enterprise LTSC 2021 to build 19044.7548. Notable fixes include resolving issues in OLE Automation, File Explorer, Recycle Bin, input hotkey behavior, Secure Boot status reporting, networking transport registration, and Remote Desktop security enhancements. Some legacy applications using unregistered TDI transports may stop working due to new security hardening. Microsoft recommends migrating to SHA-256 for RDP certificate thumbprints to avoid future disruptions.

AI-Powered Analysis

Machine-generated threat intelligence

AILast updated: 07/14/2026, 19:03:06 UTC

Technical Analysis

The Windows 10 KB5099539 update is an extended security update released by Microsoft as part of the July 2026 Patch Tuesday, addressing 570 vulnerabilities including two exploited and one publicly disclosed zero-day. It updates Windows 10 and Windows 10 Enterprise LTSC 2021 to specific builds and includes fixes for known issues in OLE Automation, File Explorer, Recycle Bin, input hotkeys, Secure Boot, networking TDI transport registration, and Remote Desktop security. The update enforces stricter security requirements such as TDI transport registration, which may impact legacy applications. It also enhances Secure Boot status reporting and introduces support for SHA-2 certificate thumbprints in RDP. The update is available to devices enrolled in the Extended Security Updates program, which Microsoft extended through October 12, 2027.

Potential Impact

This update addresses a large number of vulnerabilities (570), including actively exploited and publicly disclosed zero-day flaws, thereby reducing the attack surface on Windows 10 systems enrolled in the ESU program. The security hardening of TDI transport registration may cause compatibility issues with legacy applications using unregistered third-party TDI transports. The update improves Secure Boot security and Remote Desktop security by encouraging migration to stronger certificate algorithms. Failure to apply this update may leave systems vulnerable to known exploits and security issues fixed by this patch.

Mitigation Recommendations

A security update (KB5099539) is available and should be installed by Windows 10 Enterprise LTSC and ESU-enrolled devices via Windows Update. Microsoft manages remediation for this update through the ESU program, which has been extended until October 12, 2027. IT administrators should verify application compatibility, especially for legacy software using unregistered TDI transports, by checking Event Viewer for Event ID 16003. Migration to SHA-256 certificate thumbprints for RDP is recommended to avoid future disruptions. No additional mitigation actions are indicated beyond applying the update and following Microsoft's guidance.

Pro Console: star threats, build custom feeds, automate alerts via Slack, email & webhooks.Upgrade to Pro

Technical Details

Article Source
{"url":"https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-10-kb5099539-extended-security-update/","fetched":true,"fetchedAt":"2026-07-14T19:02:51.673Z","wordCount":1019}

Threat ID: 6a5687db68715ace4309665a

Added to database: 07/14/2026, 19:02:51 UTC

Last enriched: 07/14/2026, 19:03:06 UTC

Last updated: 07/15/2026, 04:28:27 UTC

Views: 58

Community Reviews

0 reviews

Crowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.

Sort by
Loading community insights…

Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.

Actions

PRO

Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.

Please log in to the Console to use AI analysis features.

Need more coverage?

Upgrade to Pro Console for AI refresh and higher limits.

For incident response and remediation, OffSeq services can help resolve threats faster.

Latest Threats

Breach by OffSeqOFFSEQFRIENDS — 25% OFF

Check if your credentials are on the dark web

Instant breach scanning across billions of leaked records. Free tier available.

Scan now
OffSeq TrainingCredly Certified

Lead Pen Test Professional

Technical5-day eLearningPECB Accredited
View courses