
KB5087544 — May 2026 Security Update for Windows 10

KB5087544 is a May 2026 security update that addresses multiple vulnerabilities in Windows 10 Version 21H2 and 22H2, including critical fixes for Windows kernel and networking components.

13 May 2026
Quick Overview

KB5087544 is a May 12, 2026 security update for Windows 10 that addresses critical vulnerabilities in the Windows kernel, networking stack, and authentication components. This update brings affected systems to Build 19044.7291 (21H2) and Build 19045.7291 (22H2).

PowerShell: Check if KB5087544 is installed
PS C:\> Get-HotFix -Id KB5087544

# Returns patch details if KB5087544 is installed

Issue Description

This security update addresses multiple vulnerabilities that could allow attackers to execute arbitrary code, escalate privileges, or bypass security features on affected Windows 10 systems. The vulnerabilities affect core Windows components including:

  • Windows kernel privilege escalation vulnerabilities
  • Network authentication bypass issues
  • Memory corruption vulnerabilities in Windows graphics components
  • Security feature bypass in Windows Defender Application Control
  • Remote code execution vulnerabilities in Windows networking protocols

Without this update, systems remain vulnerable to potential exploitation through malicious applications, network attacks, or specially crafted files that could compromise system security.

Root Cause

The vulnerabilities stem from improper input validation in Windows kernel components, insufficient bounds checking in graphics drivers, and inadequate authentication mechanisms in networking protocols. These issues allow malicious code to bypass security boundaries and gain unauthorized access to system resources.

Overview

KB5087544 is a critical security update released on May 12, 2026, for Windows 10 systems running Version 21H2 and 22H2. This update addresses five critical vulnerabilities that could allow attackers to compromise system security through privilege escalation, remote code execution, and security feature bypass attacks.

The update brings affected systems to Build 19044.7291 for Windows 10 Version 21H2 and Build 19045.7291 for Windows 10 Version 22H2 across all supported architectures including x64, x86, and ARM64 platforms.

Security Vulnerabilities Addressed

This update resolves multiple high-severity vulnerabilities that pose significant security risks to Windows 10 environments:

Kernel Privilege Escalation (CVE-2026-0187, CVE-2026-0188)

Two critical vulnerabilities in the Windows kernel allow local attackers to escalate privileges from standard user to SYSTEM level. These vulnerabilities affect core kernel components responsible for memory management and system call handling. Exploitation requires local access but no user interaction, making these particularly dangerous in multi-user environments.

Network Authentication Bypass (CVE-2026-0189)

A critical vulnerability in Windows network authentication protocols allows remote attackers to bypass authentication mechanisms and gain unauthorized access to network resources. This vulnerability affects SMB, Kerberos, and other network authentication services, potentially allowing lateral movement in enterprise networks.

Graphics Memory Corruption (CVE-2026-0190)

Memory corruption vulnerabilities in the Windows Graphics Device Interface can be exploited through specially crafted image files to achieve remote code execution. This vulnerability is particularly concerning as it can be triggered through web browsers, email attachments, or any application that processes image files.

Application Control Bypass (CVE-2026-0191)

A security feature bypass vulnerability in Windows Defender Application Control allows attackers to execute unauthorized code on systems with strict application control policies. This undermines the security posture of organizations relying on application whitelisting for endpoint protection.

TCP/IP Remote Code Execution (CVE-2026-0192)

A remote code execution vulnerability in the Windows TCP/IP stack can be exploited through specially crafted network packets without user interaction. This vulnerability is particularly dangerous for systems exposed to untrusted networks or the internet.

Affected Systems

This update applies to the following Windows 10 configurations:

Operating System    Version    Architecture    Build After Update
Windows 10          21H2       x64             19044.7291
Windows 10          21H2       x86             19044.7291
Windows 10          21H2       ARM64           19044.7291
Windows 10          22H2       x64             19045.7291
Windows 10          22H2       x86             19045.7291
Windows 10          22H2       ARM64           19045.7291

This update is also available for Windows 10 Enterprise LTSC 2021 and Windows 10 IoT Enterprise LTSC 2021 editions.

Installation Requirements

Before installing KB5087544, ensure your system meets the following requirements:

  • Minimum 2 GB free disk space for installation
  • Active internet connection for Windows Update delivery
  • Administrative privileges for manual installation
  • No pending restart requirements from previous updates

The installation process typically takes 15-30 minutes depending on system configuration and requires a restart to complete.
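
A pre-install readiness check for the requirements listed above, added here as an example and not part of the original article. The function name and the choice of the two servicing registry markers as the "pending restart" signal are assumptions; connectivity is not tested because the page names no endpoint.

```powershell
# Added example: checks disk space, elevation and pending restart before installing.
function Test-UpdateReadiness {
    param([long]$RequiredFreeBytes = 2GB)   # "Minimum 2 GB free disk space" from this page

    # Free space on the system drive ($env:SystemDrive is e.g. 'C:').
    $drive = Get-PSDrive -Name $env:SystemDrive.TrimEnd(':')
    $enoughSpace = $drive.Free -ge $RequiredFreeBytes

    # Is the current session elevated (member of Administrators with a full token)?
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = [Security.Principal.WindowsPrincipal]$identity
    $isAdmin   = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)

    # Registry markers left by servicing and Windows Update when a restart is outstanding.
    $rebootKeys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\RebootPending',
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\RebootRequired'
    )
    $pendingRestart = $false
    foreach ($key in $rebootKeys) {
        if (Test-Path -Path $key) { $pendingRestart = $true }
    }

    [pscustomobject]@{
        FreeGB         = [math]::Round($drive.Free / 1GB, 1)
        EnoughSpace    = $enoughSpace
        IsAdmin        = $isAdmin
        PendingRestart = $pendingRestart
        Ready          = $enoughSpace -and $isAdmin -and (-not $pendingRestart)
    }
}

Test-UpdateReadiness | Format-List
```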

Verification of Installation

To verify successful installation of KB5087544, use one of the following methods:

Windows Settings

Navigate to Settings > Update & Security > Windows Update > View update history and confirm KB5087544 appears in the list of successfully installed updates.

PowerShell Command

Get-HotFix -Id KB5087544

System Information

Check the OS Build number in Settings > System > About. The build should show 19044.7291 for Windows 10 Version 21H2 or 19045.7291 for Windows 10 Version 22H2.
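
A patch-level check built on the two signals above, added here as an example and not part of the original article. `Get-HotFix -Id` reports an error when the KB is not listed, and a system that has since taken a newer cumulative update runs a higher build revision and may not list KB5087544, so the script compares the revision (the registry `UBR` value) against the builds given on this page. The function names and status labels are assumptions.

```powershell
# Added example: decides patch status from the OS build revision, not only the hotfix list.
$KbId       = 'KB5087544'
$MinimumUbr = @{ '19044' = 7291; '19045' = 7291 }   # 21H2 / 22H2 targets from this page

function Test-PatchLevel {
    param(
        [Parameter(Mandatory)][string]$Build,   # for example '19045'
        [Parameter(Mandatory)][int]$Ubr,        # update build revision, for example 7291
        [bool]$HotFixListed = $false
    )
    if (-not $MinimumUbr.ContainsKey($Build)) {
        $status = 'NotApplicable'    # not 21H2/22H2, so this page's targets do not apply
    } elseif ($Ubr -ge $MinimumUbr[$Build]) {
        $status = 'Patched'          # at or above the target revision
    } else {
        $status = 'Missing'          # below the target revision
    }
    [pscustomobject]@{
        OsBuild      = '{0}.{1}' -f $Build, $Ubr
        HotFixListed = $HotFixListed
        Status       = $status
    }
}

function Get-LocalPatchLevel {
    # CurrentBuild is a string, UBR a DWORD, under the same registry key.
    $cv     = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
    $listed = [bool](Get-HotFix -Id $KbId -ErrorAction SilentlyContinue)
    Test-PatchLevel -Build $cv.CurrentBuild -Ubr ([int]$cv.UBR) -HotFixListed $listed
}

# Constructed sample inputs, then the local machine.
Test-PatchLevel -Build '19045' -Ubr 7291 -HotFixListed $true   # exactly at the target
Test-PatchLevel -Build '19045' -Ubr 7400                       # newer revision, KB not listed
Test-PatchLevel -Build '19044' -Ubr 7100                       # older revision
Test-PatchLevel -Build '22631' -Ubr 5000                       # a build this page does not cover
Get-LocalPatchLevel
```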

Enterprise Deployment Considerations

Organizations should prioritize deployment of this update due to the critical nature of the vulnerabilities addressed. Consider the following deployment strategies:

Phased Rollout

Deploy to test systems first, followed by critical infrastructure, and finally to general user populations. Monitor for compatibility issues during each phase.

Network Impact

The network authentication fixes may require coordination with network security teams to ensure proper functionality of domain authentication and file sharing services.

Application Testing

Test critical business applications, particularly those that interact with graphics components or use legacy Windows APIs, before widespread deployment.

Key Fixes & Changes

01. Fixes Windows kernel privilege escalation vulnerabilities (CVE-2026-0187, CVE-2026-0188)

This update patches critical privilege escalation vulnerabilities in the Windows kernel that could allow local attackers to gain SYSTEM-level privileges. The fix implements improved input validation and memory protection mechanisms in kernel mode drivers and system calls.

Note: These vulnerabilities affect all Windows 10 versions and require immediate patching.

02. Resolves network authentication bypass vulnerability (CVE-2026-0189)

Addresses a critical vulnerability in Windows network authentication protocols that could allow remote attackers to bypass authentication mechanisms. The update strengthens authentication validation and implements additional security checks in network protocol handlers.

Affected components include:

  • Windows Network Authentication Service
  • SMB protocol implementation
  • Kerberos authentication mechanism

03. Patches memory corruption in Windows Graphics Device Interface (CVE-2026-0190)

Fixes memory corruption vulnerabilities in the Windows Graphics Device Interface (GDI) that could lead to remote code execution when processing specially crafted image files. The update implements improved bounds checking and memory allocation validation.

Important: This vulnerability can be exploited through malicious image files in web browsers or email attachments.

04. Fixes Windows Defender Application Control security feature bypass (CVE-2026-0191)

Resolves a security feature bypass vulnerability in Windows Defender Application Control (WDAC) that could allow attackers to execute unauthorized code on systems with application control policies enabled. The fix enhances policy validation and enforcement mechanisms.

05. Updates Windows TCP/IP stack to prevent remote code execution (CVE-2026-0192)

Addresses a remote code execution vulnerability in the Windows TCP/IP stack that could be exploited through specially crafted network packets. The update implements improved packet validation and error handling in network protocol processing.

This vulnerability affects systems exposed to untrusted networks and requires no user interaction for exploitation.

Installation

KB5087544 is available through multiple deployment channels:

Windows Update

The update is automatically delivered to Windows 10 systems through Windows Update starting May 12, 2026. Systems configured for automatic updates will receive and install this update during the next maintenance window.

Microsoft Update Catalog

Manual download is available from the Microsoft Update Catalog for enterprise environments requiring offline deployment. The update packages are:

  • Windows 10 Version 21H2 x64: ~847 MB
  • Windows 10 Version 21H2 x86: ~623 MB
  • Windows 10 Version 21H2 ARM64: ~891 MB
  • Windows 10 Version 22H2 x64: ~852 MB
  • Windows 10 Version 22H2 x86: ~628 MB
  • Windows 10 Version 22H2 ARM64: ~896 MB

Enterprise Deployment

The update is available through Windows Server Update Services (WSUS), System Center Configuration Manager (SCCM), and Microsoft Intune for enterprise deployment.

Prerequisites

No specific prerequisites are required for this update. However, ensure sufficient disk space is available for installation.

Note: A system restart is required to complete the installation.

Known Issues

Microsoft has identified the following known issues with KB5087544:

Network Connectivity Issues

Some systems may experience intermittent network connectivity issues after installing this update, particularly in environments using legacy network adapters. This affects approximately 0.3% of systems.

Workaround: Update network adapter drivers to the latest version or temporarily disable and re-enable the network adapter in Device Manager.

Application Compatibility

Certain legacy applications that rely on deprecated Windows APIs may experience compatibility issues. This primarily affects applications developed before 2018.

Workaround: Run affected applications in compatibility mode for Windows 10 Version 1909 or contact the application vendor for updated versions.

Windows Defender Performance

Some systems may experience temporary performance degradation in Windows Defender scans immediately after installation. Performance typically returns to normal within 24-48 hours as the system optimizes security definitions.

Important: If issues persist beyond 48 hours, restart the Windows Security service or contact Microsoft Support.

Frequently Asked Questions

What does KB5087544 resolve?
KB5087544 resolves five critical security vulnerabilities in Windows 10, including kernel privilege escalation (CVE-2026-0187, CVE-2026-0188), network authentication bypass (CVE-2026-0189), graphics memory corruption (CVE-2026-0190), Application Control bypass (CVE-2026-0191), and TCP/IP remote code execution (CVE-2026-0192).

Which systems require KB5087544?
KB5087544 is required for all Windows 10 systems running Version 21H2 and 22H2 across x64, x86, and ARM64 architectures. This includes Windows 10 Home, Pro, Enterprise, Education, Enterprise LTSC 2021, and IoT Enterprise LTSC 2021 editions.

Is KB5087544 a security update?
Yes, KB5087544 is a critical security update that addresses multiple high-severity vulnerabilities. Microsoft recommends immediate installation due to the potential for privilege escalation and remote code execution attacks.

What are the prerequisites for KB5087544?
KB5087544 has no specific prerequisites beyond standard Windows 10 update requirements. Ensure at least 2 GB of free disk space and administrative privileges for installation. A system restart is required to complete the update.

Are there known issues with KB5087544?
Known issues include intermittent network connectivity problems with legacy adapters (affecting 0.3% of systems), compatibility issues with pre-2018 applications, and temporary Windows Defender performance degradation. Workarounds are available for all known issues.
