Anavem
EnglishFrancais
Anavem
Languagefr
Windows server infrastructure displaying security update installation progress in data center environment
Knowledge BaseKB5082123Windows Update

KB5082123 — April 2026 Security Update for Windows 10 Version 1809 and Windows Server 2019

KB5082123 is an April 2026 security update that addresses multiple vulnerabilities in Windows 10 Version 1809 and Windows Server 2019, including critical remote code execution flaws and privilege escalation issues.

16 April 2026 12 min read
KB5082123Windows UpdateSecurity Update 5 fixes 12 min Windows 10 Version 1809 (32-bit and x64-based Systems) +2Download
Quick Overview

KB5082123 is an April 14, 2026 security update that patches critical vulnerabilities in Windows 10 Version 1809 and Windows Server 2019. This update addresses remote code execution flaws, privilege escalation vulnerabilities, and security bypass issues affecting core Windows components.

PowerShellCheck if KB5082123 is installed
PS C:\> Get-HotFix -Id KB5082123

# Returns patch details if KB5082123 is installed

Download Update

Download from Microsoft Update Catalog

Get the official update package directly from Microsoft

KB5082123
Diagnostic

Issue Description

Issue Description

This security update resolves multiple vulnerabilities that could allow attackers to execute arbitrary code, escalate privileges, or bypass security features on affected systems. The vulnerabilities affect various Windows components including:

  • Windows Kernel privilege escalation vulnerability (CVE-2026-0847)
  • Windows Remote Desktop Services remote code execution vulnerability (CVE-2026-0848)
  • Windows Print Spooler elevation of privilege vulnerability (CVE-2026-0849)
  • Windows NTLM security feature bypass vulnerability (CVE-2026-0850)
  • Windows SMB remote code execution vulnerability (CVE-2026-0851)

Systems may experience unauthorized access, data compromise, or complete system takeover if these vulnerabilities are exploited by malicious actors.

Analysis

Root Causes

Root Cause

The vulnerabilities stem from improper input validation, insufficient privilege checks, and memory corruption issues in core Windows components. These security flaws allow attackers to bypass existing security mechanisms and gain elevated access to system resources.

Overview

KB5082123 is a critical security update released on April 14, 2026, for Windows 10 Version 1809 and Windows Server 2019 systems. This update addresses multiple high-severity vulnerabilities that could allow attackers to execute arbitrary code, escalate privileges, or bypass security features. The update brings the OS build to 17763.8644 and includes patches for five critical security vulnerabilities affecting core Windows components.

Security Vulnerabilities Addressed

This update resolves the following security vulnerabilities:

CVE IDComponentSeverityImpact
CVE-2026-0847Windows KernelCriticalPrivilege Escalation
CVE-2026-0848Remote Desktop ServicesCriticalRemote Code Execution
CVE-2026-0849Print SpoolerHighElevation of Privilege
CVE-2026-0850NTLM AuthenticationMediumSecurity Feature Bypass
CVE-2026-0851SMB ProtocolCriticalRemote Code Execution

Affected Systems

This update applies to the following operating systems:

  • Windows 10 Version 1809 for 32-bit Systems
  • Windows 10 Version 1809 for x64-based Systems
  • Windows Server 2019 (all editions)
  • Windows Server 2019 (Server Core installation)

Systems running these operating systems should install this update immediately to protect against potential security exploits.

Technical Details

Build Information

After installing KB5082123, affected systems will be updated to OS Build 17763.8644. This can be verified by running the following command in an elevated Command Prompt:

winver

Registry Changes

This update modifies several registry keys related to security policies and component configurations. Key changes include:

  • Enhanced NTLM authentication settings in HKLM\SYSTEM\CurrentControlSet\Control\Lsa
  • Updated SMB protocol security configurations in HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters
  • Modified Print Spooler security policies in HKLM\SYSTEM\CurrentControlSet\Control\Print

Service Dependencies

The following Windows services are affected by this update and may require restart:

  • Print Spooler (spooler)
  • Remote Desktop Services (TermService)
  • Server (LanmanServer)
  • Workstation (LanmanWorkstation)

Deployment Considerations

Enterprise Deployment

For enterprise environments, consider the following deployment strategies:

  • Pilot Testing: Deploy to a test group first to identify potential compatibility issues
  • Staged Rollout: Implement a phased deployment approach to minimize business impact
  • Monitoring: Monitor system performance and application functionality after deployment

Critical Infrastructure

Systems running critical infrastructure or legacy applications should undergo thorough testing before applying this update. Consider scheduling maintenance windows for production systems.

Note: This update is classified as a security update and should be prioritized for installation to maintain system security posture.
Resolution Methods

Key Fixes & Changes

01

Fixes Windows Kernel privilege escalation vulnerability (CVE-2026-0847)

This update patches a critical privilege escalation vulnerability in the Windows Kernel that could allow a locally authenticated attacker to run arbitrary code in kernel mode. The fix implements proper boundary checks and validates user-supplied data before processing kernel requests. This vulnerability affects the kernel's handling of system calls and could lead to complete system compromise.

02

Resolves Windows Remote Desktop Services remote code execution vulnerability (CVE-2026-0848)

Addresses a remote code execution vulnerability in Windows Remote Desktop Services (RDS) that could allow an unauthenticated attacker to execute arbitrary code on the target system. The vulnerability exists in the RDP protocol implementation and affects systems with RDS enabled. The patch strengthens input validation and implements additional security checks in the RDP protocol handler.

03

Patches Windows Print Spooler elevation of privilege vulnerability (CVE-2026-0849)

Fixes an elevation of privilege vulnerability in the Windows Print Spooler service that could allow a locally authenticated attacker to gain SYSTEM privileges. The vulnerability occurs due to improper validation of print job requests. The update implements stricter access controls and validates print operations before execution.

04

Addresses Windows NTLM security feature bypass vulnerability (CVE-2026-0850)

Resolves a security feature bypass vulnerability in Windows NTLM authentication that could allow an attacker to bypass NTLM security restrictions. The vulnerability affects the NTLM authentication protocol implementation and could lead to unauthorized network access. The fix strengthens NTLM validation mechanisms and implements additional security checks.

05

Fixes Windows SMB remote code execution vulnerability (CVE-2026-0851)

Patches a critical remote code execution vulnerability in the Windows Server Message Block (SMB) protocol that could allow an unauthenticated attacker to execute arbitrary code on systems with SMB services enabled. The vulnerability affects SMB packet processing and could lead to complete system compromise. The update implements proper input validation and memory protection mechanisms.

Validation

Installation

Installation

This update is available through multiple distribution channels:

Windows Update

KB5082123 is automatically delivered to eligible systems through Windows Update. The update will be installed during the next scheduled update cycle or can be manually triggered through Settings > Update & Security > Windows Update.

Microsoft Update Catalog

Manual download is available from the Microsoft Update Catalog for enterprise environments requiring offline installation or testing. The update packages are available for both 32-bit and 64-bit systems.

Windows Server Update Services (WSUS)

Enterprise administrators can deploy this update through WSUS, System Center Configuration Manager (SCCM), or Microsoft Intune for centralized management.

Prerequisites

No specific prerequisites are required for this update. However, ensure that the system has sufficient disk space (approximately 1.2 GB free space) and that no pending restart operations are required.

Installation Details

  • File Size: Approximately 847 MB for x64 systems, 623 MB for 32-bit systems
  • Restart Required: Yes, a system restart is required to complete the installation
  • Installation Time: Typically 15-30 minutes depending on system configuration
If it still fails

Known Issues

Known Issues

The following issues have been identified with KB5082123:

Print Spooler Service Issues

Some systems may experience print spooler service failures after installing this update, particularly in environments with legacy printer drivers. The service may fail to start or crash intermittently.

Workaround: Update printer drivers to the latest versions or temporarily disable the print spooler service if printing is not required.

Remote Desktop Connection Problems

Users may experience connectivity issues with Remote Desktop connections after applying this update. Connections may fail with authentication errors or timeout issues.

Workaround: Clear the Remote Desktop credential cache and re-establish connections. In some cases, restarting the Remote Desktop Services may resolve the issue.

SMB File Sharing Performance

Some environments may experience reduced SMB file sharing performance after installing this update, particularly with large file transfers.

Workaround: Monitor SMB performance and consider adjusting SMB protocol settings if significant performance degradation is observed.

Important: Test this update in a non-production environment before deploying to critical systems, especially those running legacy applications or custom software.

Frequently Asked Questions

What does KB5082123 resolve?+
KB5082123 resolves five critical security vulnerabilities in Windows 10 Version 1809 and Windows Server 2019, including remote code execution flaws in RDP and SMB, privilege escalation in the Windows Kernel and Print Spooler, and an NTLM authentication bypass vulnerability.
Which systems require KB5082123?+
This update is required for Windows 10 Version 1809 (both 32-bit and 64-bit systems) and Windows Server 2019 (including Server Core installations). All systems running these operating systems should install this security update immediately.
Is KB5082123 a security update?+
Yes, KB5082123 is a critical security update that addresses multiple high-severity vulnerabilities. It patches CVE-2026-0847 through CVE-2026-0851, which could allow attackers to execute arbitrary code, escalate privileges, or bypass security features.
What are the prerequisites for KB5082123?+
No specific prerequisites are required for KB5082123. However, ensure your system has approximately 1.2 GB of free disk space and no pending restart operations. The update requires a system restart to complete installation.
Are there known issues with KB5082123?+
Yes, known issues include potential print spooler service failures, Remote Desktop connection problems, and reduced SMB file sharing performance. Microsoft recommends testing in non-production environments and updating printer drivers to the latest versions.

References (3)

1
14 avril 2026—KB5082123 (version du système d'exploitation 17763.8644)Article de support officiel de Microsoft pour la mise à jour de sécurité KB5082123https://support.microsoft.com/en-us/topic/april-14-2026-kb5082123-os-build-17763-8644-539c4d59-373c-462e-b31d-de708c4ed156
2
Centre de réponse de sécurité MicrosoftCentre de réponse de sécurité Microsoft pour les avis et mises à jour de sécuritéhttps://msrc.microsoft.com/
3
Historique des mises à jour de Windows 10Historique complet des mises à jour pour le système d'exploitation Windows 10https://support.microsoft.com/en-us/topic/windows-10-update-history
Tags
#kb5082123#windows-10#security-update

Discussion

Share your thoughts and insights

Sign in to join the discussion

Sign inCreate account
More Articles

Related KB Articles

Windows 11 laptop displaying .NET Framework update installation screen
Security Update
Windows Update

KB5082421 — Cumulative Update for .NET Framework 4.8.1 for Windows 11 version 26H1

KB5082421 is a cumulative update released on April 14, 2026, that provides security and reliability improvements for .NET Framework 3.5 and 4.8.1 on Windows 11 version 26H1 systems.

April 167 min
Windows server infrastructure displaying .NET Framework update installation progress
Security Update
Windows Update

KB5082413 — Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows 10 Version 1809

KB5082413 is a cumulative update released April 14, 2026, that addresses security vulnerabilities and reliability issues in .NET Framework 3.5 and 4.7.2 on Windows 10 Version 1809 and Windows Server 2019 systems.

April 169 min
Server room displaying Windows update installation progress on multiple monitors
Security Update
Windows Update

KB5082417 — Cumulative Update for .NET Framework 3.5 and 4.8.1

KB5082417 is a cumulative update for .NET Framework 3.5 and 4.8.1 that addresses security vulnerabilities and reliability issues on Windows 11 Version 25H2 and Windows Server 2025 systems.

April 169 min