KB5087537 is a May 12, 2026 security update for Windows 10 Version 1607 and Windows Server 2016 systems. This update addresses multiple security vulnerabilities and updates the OS build to 14393.9140.
Knowledge BaseKB5087537Windows Update
KB5087537 — May 2026 Security Update for Windows 10 Version 1607 and Windows Server 2016
KB5087537 is a May 2026 security update that addresses multiple vulnerabilities in Windows 10 Version 1607 and Windows Server 2016, bringing the OS build to 14393.9140.
13 May 2026 12 min read —
KB5087537Windows UpdateSecurity Update 5 fixes 12 min Windows 10 Version 1607 (32-bit and x64) +2Download
Quick Overview
PowerShell—Check if KB5087537 is installed
PS C:\> Get-HotFix -Id KB5087537# Returns patch details if KB5087537 is installed
Download Update
Download from Microsoft Update Catalog
Get the official update package directly from Microsoft
Diagnostic
Issue Description
Issue Description
This security update addresses multiple vulnerabilities that could allow attackers to execute arbitrary code, escalate privileges, or bypass security features on affected systems. The vulnerabilities affect various Windows components including:
- Windows Kernel components that could allow privilege escalation
- Remote Desktop Services vulnerabilities enabling remote code execution
- Windows Graphics Component security flaws
- Microsoft Message Queuing (MSMQ) vulnerabilities
- Windows Print Spooler service security issues
Without this update, systems remain vulnerable to potential security exploits that could compromise system integrity and data security.
Analysis
Root Causes
Root Cause
The vulnerabilities stem from improper input validation, memory management issues, and insufficient security checks in various Windows system components. These security flaws exist in the base Windows 10 Version 1607 and Windows Server 2016 codebase and require patching to prevent exploitation.
Overview
KB5087537 is a comprehensive security update released on May 12, 2026, for Windows 10 Version 1607 and Windows Server 2016 systems. This update brings the operating system build to 14393.9140 and addresses multiple critical security vulnerabilities across various Windows components.
Security Vulnerabilities Addressed
This security update resolves vulnerabilities in several key Windows components that could potentially be exploited by attackers to compromise system security. The affected components include:
Windows Kernel Components
Multiple privilege escalation vulnerabilities in the Windows kernel have been patched. These vulnerabilities could allow local attackers with limited privileges to gain elevated access to system resources. The fixes include enhanced memory management routines and improved validation of system calls.
Remote Desktop Services
Critical vulnerabilities in Remote Desktop Services that could enable remote code execution have been addressed. These security flaws could allow attackers to execute arbitrary code on target systems through specially crafted RDP requests. The update implements stronger authentication mechanisms and improved input validation.
Windows Graphics Components
Security issues in the Windows Graphics Device Interface (GDI) and related graphics subsystems have been resolved. These vulnerabilities could be exploited through malformed graphics files to achieve memory corruption and potential code execution. Enhanced bounds checking and validation routines have been implemented.
Microsoft Message Queuing (MSMQ)
Vulnerabilities in MSMQ that could lead to remote code execution have been patched. The fixes include improved message validation and enhanced security checks for queue operations to prevent processing of malicious messages.
Windows Print Spooler Service
Security flaws in the Print Spooler service that could result in privilege escalation or remote code execution have been addressed. The update includes enhanced driver validation and improved access controls for print-related operations.
Affected Systems
| Operating System | Architecture | Build Number | Status |
|---|---|---|---|
| Windows 10 Version 1607 | 32-bit (x86) | 14393.9140 | Supported |
| Windows 10 Version 1607 | 64-bit (x64) | 14393.9140 | Supported |
| Windows Server 2016 | 64-bit (x64) | 14393.9140 | Supported |
| Windows Server 2016 (Server Core) | 64-bit (x64) | 14393.9140 | Supported |
Installation Requirements
Before installing KB5087537, ensure your system meets the following requirements:
- Available disk space: Minimum 2 GB free space on the system drive
- System architecture: Compatible with both 32-bit and 64-bit systems
- Administrative privileges: Installation requires administrator rights
- Network connectivity: Required for automatic installation through Windows Update
Important: A system restart is mandatory to complete the installation process. Plan the installation during a maintenance window to minimize disruption.
Deployment Methods
Automatic Installation
For most users, KB5087537 will be automatically downloaded and installed through Windows Update. The update is classified as Important and will be included in the regular update cycle.
Manual Installation
Enterprise administrators can download the standalone update package from the Microsoft Update Catalog for manual deployment. This method is useful for testing environments or systems with restricted internet access.
Enterprise Deployment
Organizations using Windows Server Update Services (WSUS) or System Center Configuration Manager (SCCM) can deploy this update through their existing patch management infrastructure. The update supports both immediate deployment and scheduled installation scenarios.
Verification of Installation
To verify successful installation of KB5087537, use one of the following methods:
Windows Settings
Navigate to Settings > Update & Security > Windows Update > View update history to confirm the update appears in the installed updates list.
PowerShell Command
Get-HotFix -Id KB5087537System Information
Check that the OS build number has been updated to 14393.9140 in System Information (msinfo32.exe) or through the winver command.
Post-Installation Considerations
After installing KB5087537, monitor your systems for any compatibility issues with existing applications or services. While Microsoft has tested this update extensively, some third-party software may require updates to maintain full compatibility with the security enhancements.
Organizations should also review their security policies and procedures to ensure they align with the enhanced security features included in this update.
Resolution Methods
Key Fixes & Changes
01
Addresses Windows Kernel privilege escalation vulnerabilities
This update patches multiple kernel-level vulnerabilities that could allow local attackers to escalate privileges. The fixes include improved memory management in kernel mode drivers and enhanced validation of system calls to prevent unauthorized privilege elevation.
02
Resolves Remote Desktop Services security flaws
Patches critical vulnerabilities in Remote Desktop Services that could allow remote code execution. The update includes enhanced authentication mechanisms and improved input validation for RDP connections to prevent unauthorized access and code execution.
03
Fixes Windows Graphics Component vulnerabilities
Addresses security issues in the Windows Graphics Device Interface (GDI) and related graphics components. The fixes prevent potential memory corruption attacks through malformed graphics files and improve bounds checking in graphics rendering operations.
04
Updates Microsoft Message Queuing (MSMQ) security
Resolves vulnerabilities in MSMQ that could allow remote code execution. The update includes improved message validation and enhanced security checks for queue operations to prevent malicious message processing.
05
Patches Windows Print Spooler service vulnerabilities
Addresses security flaws in the Print Spooler service that could lead to privilege escalation or remote code execution. The fixes include enhanced driver validation and improved access controls for print operations.
Validation
Installation
Installation
Windows Update: This update is automatically delivered through Windows Update for supported systems. The update will be installed during the next scheduled update cycle.
Microsoft Update Catalog: Available for manual download from the Microsoft Update Catalog for enterprise deployment scenarios.
Windows Server Update Services (WSUS): Administrators can deploy this update through WSUS to managed systems in enterprise environments.
System Center Configuration Manager (SCCM): The update can be deployed through SCCM for centralized patch management.
Note: File size is approximately 1.2 GB for x64 systems and 950 MB for 32-bit systems. A system restart is required to complete the installation.
Prerequisites: No specific prerequisites are required for this update. However, ensure sufficient disk space is available for the installation process.
If it still fails
Known Issues
Known Issues
Microsoft has identified the following known issues with KB5087537:
- Installation failure on systems with limited disk space: The update may fail to install if less than 2 GB of free space is available on the system drive. Ensure adequate disk space before attempting installation.
- Temporary performance impact: Some users may experience temporary system slowdown during the first boot after installation while the system completes background optimization tasks.
- Custom driver compatibility: Certain third-party drivers may require updates to maintain compatibility with the security enhancements included in this update.
Workaround: If installation fails due to disk space, use Disk Cleanup or remove unnecessary files to free up space, then retry the installation through Windows Update.
Frequently Asked Questions
What does KB5087537 resolve?+
KB5087537 resolves multiple security vulnerabilities in Windows 10 Version 1607 and Windows Server 2016, including privilege escalation flaws in the Windows kernel, remote code execution vulnerabilities in Remote Desktop Services, and security issues in graphics components, MSMQ, and Print Spooler service.
Which systems require KB5087537?+
KB5087537 applies to Windows 10 Version 1607 (both 32-bit and 64-bit editions) and Windows Server 2016 (including Server Core installations). The update brings these systems to OS build 14393.9140.
Is KB5087537 a security update?+
Yes, KB5087537 is classified as a security update that addresses multiple critical vulnerabilities across various Windows components. It is automatically delivered through Windows Update as an Important update.
What are the prerequisites for KB5087537?+
KB5087537 requires a minimum of 2 GB free disk space on the system drive and administrative privileges for installation. No specific prior updates are required, but ensure your system is running a supported version of Windows 10 Version 1607 or Windows Server 2016.
Are there known issues with KB5087537?+
Known issues include potential installation failure on systems with insufficient disk space (less than 2 GB), temporary performance impact during the first boot after installation, and possible compatibility issues with certain third-party drivers that may require updates.
References (3)
1
12 mai 2026—KB5087537 (version du système d'exploitation 14393.9140)Article de support officiel de Microsoft pour la mise à jour de sécurité KB5087537https://support.microsoft.com/en-us/topic/may-12-2026-kb5087537-os-build-14393-9140-2ef98591-73f0-4517-9fa0-12764b51858f
2Historique des mises à jour de Windows 10 Version 1607Historique complet des mises à jour pour Windows 10 Version 1607https://support.microsoft.com/en-us/topic/windows-10-update-history
3Informations sur la mise à jour de Windows Server 2016Mettre à jour les informations et les ressources de support pour Windows Server 2016https://support.microsoft.com/en-us/topic/windows-server-2016-update-information
Discussion
Share your thoughts and insights
Sign in to join the discussion
More Articles
Related KB Articles
Security Update
Windows Update
KB5087544 — May 2026 Security Update for Windows 10
KB5087544 is a May 2026 security update that addresses multiple vulnerabilities in Windows 10 Version 21H2 and 22H2, including critical fixes for Windows kernel and networking components.
May 1312 min
Security Update
Windows Update
KB5087538 — May 2026 Security Update for Windows 10 Version 1809 and Windows Server 2019
KB5087538 is a May 2026 security update that addresses multiple vulnerabilities in Windows 10 Version 1809 and Windows Server 2019, including critical security fixes for Windows kernel and networking components.
May 1312 min
Security Update
Windows Update
KB5087420 — May 2026 Security Update for Windows 11 Version 23H2
KB5087420 is a May 2026 security update that addresses multiple vulnerabilities in Windows 11 Version 23H2, including critical fixes for Windows Kernel, Remote Desktop Services, and Microsoft Edge WebView2.
May 1312 min