ANAVEM
FR
Reference
Windows laptop displaying system update installation screen
KB5078885Windows UpdateWindows

KB5078885 — March 2026 Security Update for Windows 10

KB5078885 is a March 2026 security update that addresses multiple vulnerabilities in Windows 10 versions 21H2 and 22H2, including critical fixes for Windows Kernel, Remote Desktop Services, and Windows Graphics components.

Emanuel DE ALMEIDAEmanuel DE ALMEIDA
11 Mar 202612 min read0 views

KB5078885 is a March 2026 security update that addresses multiple vulnerabilities in Windows 10 versions 21H2 and 22H2, including critical fixes for Windows Kernel, Remote Desktop Services, and Windows Graphics components.

Overview

KB5078885 is a March 10, 2026 security update for Windows 10 that updates systems to Build 19045.7058 (21H2) and Build 19044.7058 (22H2). This update addresses multiple security vulnerabilities and includes quality improvements for system stability.

In This Article

  1. Issue Description
  2. Root Cause
  3. 1Fixes Windows Kernel elevation of privilege vulnerabilities
  4. 2Resolves Remote Desktop Services remote code execution flaws
  5. 3Patches Windows Graphics Component memory corruption issues
  6. 4Addresses Windows Print Spooler privilege escalation vulnerabilities
  7. 5Updates Microsoft Edge WebView2 security components
  8. Installation
  9. Known Issues
  10. Frequently Asked Questions

Applies to

Windows 10 Version 21H2 (all architectures)Windows 10 Version 22H2 (all architectures)

Issue Description

Issue Description

This security update addresses several critical vulnerabilities that could allow attackers to execute arbitrary code, escalate privileges, or cause denial of service conditions. The following security issues are resolved:

  • Windows Kernel elevation of privilege vulnerabilities that could allow local attackers to gain SYSTEM privileges
  • Remote Desktop Services remote code execution vulnerabilities enabling network-based attacks
  • Windows Graphics Component memory corruption issues that could lead to arbitrary code execution
  • Windows Print Spooler vulnerabilities allowing privilege escalation
  • Microsoft Edge WebView2 security flaws affecting embedded browser components
  • Windows MSHTML Platform security bypass vulnerabilities

Root Cause

Root Cause

The vulnerabilities stem from improper input validation, memory management issues, and insufficient privilege checks in various Windows components. These security flaws exist due to inadequate bounds checking in kernel-mode drivers, improper handling of objects in memory by the Windows Graphics subsystem, and insufficient validation of user-supplied data in Remote Desktop Services.

1

Fixes Windows Kernel elevation of privilege vulnerabilities

This update patches multiple kernel-mode drivers to properly validate user input and prevent local privilege escalation attacks. The fixes include improved bounds checking in system call handlers and enhanced validation of kernel object references. These changes prevent attackers from exploiting memory corruption vulnerabilities to gain elevated privileges on the system.

2

Resolves Remote Desktop Services remote code execution flaws

The update addresses critical vulnerabilities in the Remote Desktop Services component that could allow remote attackers to execute arbitrary code. The fixes include improved input validation for RDP protocol messages, enhanced memory management in the terminal services subsystem, and strengthened authentication mechanisms to prevent unauthorized access attempts.

3

Patches Windows Graphics Component memory corruption issues

This update resolves several memory corruption vulnerabilities in the Windows Graphics subsystem, including the DirectX graphics kernel subsystem and GDI+ components. The fixes implement proper bounds checking for graphics operations, improved memory allocation handling, and enhanced validation of graphics driver interfaces to prevent exploitation through malformed graphics data.

4

Addresses Windows Print Spooler privilege escalation vulnerabilities

The update includes security improvements to the Windows Print Spooler service to prevent local privilege escalation attacks. The fixes implement stricter file system permissions, enhanced validation of print job data, and improved isolation between print operations to prevent unauthorized access to system resources.

5

Updates Microsoft Edge WebView2 security components

This update includes the latest security fixes for Microsoft Edge WebView2 runtime, addressing vulnerabilities in the embedded browser engine used by various applications. The fixes include improved sandboxing mechanisms, enhanced script execution controls, and strengthened cross-origin resource sharing policies.

Installation

Installation

KB5078885 is available through multiple distribution channels:

Windows Update

This update is automatically delivered to Windows 10 systems through Windows Update. The update will be installed during the next scheduled update cycle, typically during maintenance windows.

Microsoft Update Catalog

Manual download is available from the Microsoft Update Catalog for enterprise environments requiring offline installation. The update packages are approximately 450 MB for x64 systems, 380 MB for x86 systems, and 420 MB for ARM64 systems.

Windows Server Update Services (WSUS)

Enterprise administrators can deploy this update through WSUS, Microsoft System Center Configuration Manager (SCCM), or Microsoft Intune. The update is classified as a Security Update with a severity rating of Critical.

Prerequisites

No specific prerequisites are required for this update. However, systems must have sufficient disk space (minimum 1 GB free) and should have the latest servicing stack update installed for optimal installation experience.

Note: A system restart is required to complete the installation of this update.

Known Issues

Known Issues

The following known issues have been identified with KB5078885:

Installation Failures

Some systems may experience installation failure with error code 0x80070643 if Windows Update components are corrupted. To resolve this issue, run the Windows Update Troubleshooter or reset Windows Update components using the following PowerShell command:

Get-Service wuauserv, cryptSvc, bits, msiserver | Stop-Service
Rename-Item C:\Windows\SoftwareDistribution SoftwareDistribution.old
Rename-Item C:\Windows\System32\catroot2 catroot2.old
Get-Service wuauserv, cryptSvc, bits, msiserver | Start-Service

Remote Desktop Connection Issues

After installing this update, some users may experience intermittent connection failures when using Remote Desktop. This issue typically resolves itself after restarting the Remote Desktop Services on the target machine.

Graphics Driver Compatibility

Systems with older graphics drivers may experience display issues after installing this update. Ensure graphics drivers are updated to the latest version from the manufacturer before installing KB5078885.

Important: If you encounter persistent issues after installing this update, you can uninstall it through Settings > Update & Security > Windows Update > View update history > Uninstall updates.

Overview

KB5078885 is a critical security update released on March 10, 2026, for Windows 10 systems running versions 21H2 and 22H2. This update addresses multiple high-severity vulnerabilities across various Windows components and updates affected systems to Build 19045.7058 for version 21H2 and Build 19044.7058 for version 22H2.

Security Vulnerabilities Addressed

This comprehensive security update resolves several critical vulnerabilities that pose significant risks to system security:

Windows Kernel Vulnerabilities

Multiple elevation of privilege vulnerabilities in the Windows Kernel have been patched. These vulnerabilities could allow local attackers to execute code with elevated privileges, potentially compromising the entire system. The fixes include improved input validation, enhanced memory management, and strengthened privilege checks in kernel-mode components.

Remote Desktop Services Security Flaws

Critical remote code execution vulnerabilities in Remote Desktop Services have been addressed. These vulnerabilities could allow remote attackers to execute arbitrary code on target systems without authentication. The update implements enhanced protocol validation, improved memory handling, and strengthened authentication mechanisms.

Graphics Component Security Issues

Several memory corruption vulnerabilities in Windows Graphics components, including DirectX and GDI+, have been resolved. These vulnerabilities could be exploited through malformed graphics data to achieve arbitrary code execution. The fixes include improved bounds checking, enhanced memory allocation handling, and better validation of graphics operations.

Affected Systems

This update applies to the following Windows 10 versions and architectures:

Operating SystemVersionArchitectureNew Build
Windows 1021H2x86 (32-bit)19044.7058
Windows 1021H2x64 (64-bit)19044.7058
Windows 1021H2ARM6419044.7058
Windows 1022H2x86 (32-bit)19045.7058
Windows 1022H2x64 (64-bit)19045.7058
Windows 1022H2ARM6419045.7058

Installation Requirements

Before installing KB5078885, ensure your system meets the following requirements:

  • Minimum 1 GB of free disk space
  • Active internet connection for Windows Update delivery
  • Administrator privileges for manual installation
  • Latest servicing stack update (recommended)

The installation process requires a system restart to complete. Plan the installation during scheduled maintenance windows to minimize disruption to business operations.

Deployment Methods

Automatic Installation

Windows Update automatically delivers this security update to consumer and small business systems. The update is installed during regular maintenance windows, typically outside business hours.

Enterprise Deployment

Enterprise environments can deploy KB5078885 using:

  • Windows Server Update Services (WSUS): Centralized update management for domain-joined systems
  • Microsoft System Center Configuration Manager: Advanced deployment scheduling and reporting capabilities
  • Microsoft Intune: Cloud-based management for modern workplace scenarios
  • Group Policy: Automated update installation through Active Directory policies

Manual Installation

IT administrators can download the update packages from the Microsoft Update Catalog for offline installation scenarios. This method is useful for air-gapped environments or systems requiring manual update approval processes.

Post-Installation Verification

After installing KB5078885, verify the installation using the following methods:

PowerShell Verification

Get-HotFix -Id KB5078885

System Information

Check the system build number in Settings > System > About. The build number should reflect the updated version (19045.7058 or 19044.7058).

Windows Update History

Review the update installation status in Settings > Update & Security > Windows Update > View update history to confirm successful installation.

Quality Improvements

In addition to security fixes, KB5078885 includes several quality improvements:

  • Enhanced system stability for Windows Search indexing operations
  • Improved performance for file system operations on large volumes
  • Better compatibility with third-party antivirus software
  • Resolved issues with Windows Update error reporting
  • Enhanced reliability for Windows Defender Antivirus real-time protection

Frequently Asked Questions

What does KB5078885 resolve?
KB5078885 is a March 2026 security update that addresses multiple critical vulnerabilities in Windows 10, including Windows Kernel elevation of privilege flaws, Remote Desktop Services remote code execution vulnerabilities, Windows Graphics Component memory corruption issues, and Windows Print Spooler privilege escalation vulnerabilities.
Which systems require KB5078885?
This update applies to Windows 10 Version 21H2 and 22H2 across all architectures (x86, x64, and ARM64). Systems will be updated to Build 19044.7058 (21H2) or Build 19045.7058 (22H2) depending on the installed version.
Is KB5078885 a security update?
Yes, KB5078885 is classified as a Critical security update that addresses multiple high-severity vulnerabilities across various Windows components. It includes fixes for privilege escalation, remote code execution, and memory corruption vulnerabilities that could be exploited by attackers.
What are the prerequisites for KB5078885?
No specific prerequisites are required, but systems should have at least 1 GB of free disk space and the latest servicing stack update installed for optimal installation. Administrator privileges are required for manual installation, and a system restart is necessary to complete the update.
Are there known issues with KB5078885?
Known issues include potential installation failures with error 0x80070643 due to corrupted Windows Update components, intermittent Remote Desktop connection issues, and possible display problems on systems with outdated graphics drivers. Most issues can be resolved by updating drivers or running Windows Update troubleshooter.

References (3)

1
10 mars 2026—KB5078885 (Versions du système d'exploitation 19045.7058 et 19044.7058)Article de support officiel de Microsoft pour KB5078885 avec des informations complètes sur l'installation et le dépannagehttps://support.microsoft.com/en-us/topic/march-10-2026-kb5078885-os-builds-19045-7058-and-19044-7058-5738282d-0b7f-426e-a42b-bd7698ab6dbb
2
Historique des mises à jour de Windows 10Historique complet des mises à jour de Windows 10, y compris les mises à jour de sécurité et les versions de fonctionnalités.https://support.microsoft.com/en-us/topic/windows-10-update-history
3
Catalogue Microsoft UpdateCentre de téléchargement pour l'installation manuelle des mises à jour Windows, y compris KB5078885https://www.catalog.update.microsoft.com/
#kb5078885#windows-10#security-update

About the Author

Emanuel DE ALMEIDA

Emanuel DE ALMEIDA

Senior IT Journalist & Cloud Architect

Microsoft MCSA-certified Cloud Architect | Fortinet-focused. I modernize cloud, hybrid & on-prem infrastructure for reliability, security, performance and cost control - sharing field-tested ops & troubleshooting.

Discussion

Share your thoughts and insights

You must be logged in to comment.

Log in
Loading comments...

Related KB Articles

Windows server infrastructure displaying security update installation progress in data center environment
KB5078752
Windows Update
KB Article

KB5078752 — March 2026 Security Update for Windows 10 Version 1809 and Windows Server 2019

KB5078752 is a March 2026 security update that addresses multiple vulnerabilities in Windows 10 Version 1809 and Windows Server 2019, including fixes for Windows Kernel, Remote Desktop Services, and Windows Graphics components.

Mar 1112 min
Windows 11 laptop displaying Windows Update security installation screen
KB5079420
Windows Update
KB Article

KB5079420 — March 2026 Hotpatch Security Update for Windows 11

KB5079420 is a March 2026 hotpatch security update that addresses critical vulnerabilities in Windows 11 Version 24H2 and 25H2 systems, delivering security fixes without requiring a system restart.

Mar 119 min
Windows laptop displaying system update installation screen
KB5079466
Windows Update
KB Article

KB5079466 — March 2026 Cumulative Update for Windows 11 Version 26H1

KB5079466 is a March 2026 cumulative update that addresses security vulnerabilities and system stability issues in Windows 11 Version 26H1, updating systems to OS Build 28000.1719.

Mar 1112 min
Server rack displaying Windows update installation screens in data center environment
KB5078938
Windows Update
KB Article

KB5078938 — March 2026 Security Update for Windows 10 Version 1607 and Windows Server 2016

KB5078938 is a March 2026 security update that addresses multiple vulnerabilities in Windows 10 Version 1607 and Windows Server 2016, including critical fixes for Windows kernel and networking components.

Mar 1112 min