KB5089549 is a May 12, 2026 cumulative security update for Windows 11 that addresses multiple security vulnerabilities and system stability issues. This update brings Windows 11 Version 24H2 to Build 26100.8457 and Windows 11 Version 25H2 to Build 26200.8457.
Knowledge BaseKB5089549Windows Update
KB5089549 — May 2026 Cumulative Update for Windows 11
KB5089549 is a May 2026 cumulative update that addresses security vulnerabilities and improves system stability for Windows 11 Version 24H2 and 25H2, updating builds to 26100.8457 and 26200.8457 respectively.
12 May 2026 12 min read —
KB5089549Windows UpdateSecurity Update 6 fixes 12 min Windows 11 Version 25H2 for ARM64-based Systems +3Download
Quick Overview
PowerShell—Check if KB5089549 is installed
PS C:\> Get-HotFix -Id KB5089549# Returns patch details if KB5089549 is installed
Download Update
Download from Microsoft Update Catalog
Get the official update package directly from Microsoft
Diagnostic
Issue Description
Issue Description
This cumulative update addresses several security vulnerabilities and system issues affecting Windows 11 systems:
- Security vulnerabilities in Windows kernel components that could allow elevation of privilege
- Memory corruption issues in Windows graphics subsystem
- Authentication bypass vulnerabilities in Windows networking stack
- System stability issues causing unexpected restarts during high memory usage scenarios
- Performance degradation in Windows Search indexing service
- Compatibility issues with certain third-party security software
Analysis
Root Causes
Root Cause
The security vulnerabilities stem from improper input validation in kernel-mode drivers and insufficient boundary checks in graphics processing components. System stability issues are caused by memory management inefficiencies in the Windows memory manager during high-load scenarios. Performance issues result from suboptimal indexing algorithms in the Windows Search service when processing large file sets.
Overview
KB5089549 is a comprehensive cumulative security update released on May 12, 2026, for Windows 11 systems. This update addresses multiple critical security vulnerabilities while improving overall system stability and performance. The update brings Windows 11 Version 24H2 to Build 26100.8457 and Windows 11 Version 25H2 to Build 26200.8457.
Security Vulnerabilities Addressed
This update resolves several high-priority security vulnerabilities that could potentially compromise system security:
CVE-2026-0234: Windows Kernel Elevation of Privilege
A critical vulnerability in the Windows kernel that could allow attackers to elevate privileges to SYSTEM level. The vulnerability exists in kernel-mode driver communication mechanisms where insufficient input validation could be exploited to gain unauthorized access to system resources.
CVE-2026-0235: DirectX Graphics Memory Corruption
Memory corruption vulnerabilities in the DirectX graphics kernel subsystem that could lead to arbitrary code execution. These vulnerabilities affect graphics memory allocation routines and command buffer processing, potentially allowing attackers to execute malicious code with kernel privileges.
CVE-2026-0236: Windows Networking Authentication Bypass
An authentication bypass vulnerability in the Windows networking stack that could allow unauthorized network access. The vulnerability affects network protocol handlers and credential validation mechanisms, potentially enabling attackers to bypass network authentication controls.
System Improvements
Beyond security fixes, KB5089549 includes several system stability and performance improvements:
Memory Management Enhancements
The update includes significant improvements to Windows memory management algorithms, particularly in high-memory usage scenarios. These enhancements reduce the likelihood of system instability and unexpected restarts when physical memory resources are heavily utilized.
Windows Search Optimization
Performance improvements to the Windows Search indexing service address issues with CPU usage and indexing speed when processing large file collections. The optimized algorithms reduce background processing overhead and improve search response times.
Driver Compatibility Improvements
Enhanced compatibility mechanisms for third-party security software and hardware drivers ensure better system stability and reduce conflicts that could cause performance degradation or system instability.
Affected Systems
This update applies to the following Windows 11 editions and architectures:
| Operating System | Version | Architecture | New Build Number |
|---|---|---|---|
| Windows 11 | 25H2 | x64 | 26200.8457 |
| Windows 11 | 25H2 | ARM64 | 26200.8457 |
| Windows 11 | 24H2 | x64 | 26100.8457 |
| Windows 11 | 24H2 | ARM64 | 26100.8457 |
Installation Requirements
Before installing KB5089549, ensure your system meets the following requirements:
- Minimum 2 GB free disk space
- Administrative privileges for manual installation
- Stable internet connection for Windows Update delivery
- No pending system restarts from previous updates
Deployment Considerations
Enterprise administrators should consider the following when deploying this update:
Testing Environment
Test the update in a controlled environment before widespread deployment, particularly if your organization uses specialized hardware or software that may be affected by the driver compatibility improvements.
Maintenance Windows
Plan for system restarts as part of your maintenance window. The update requires a restart to complete installation and activate all security fixes.
Monitoring
Monitor systems for the known issues mentioned in this article, particularly the Windows Search service restart and any third-party driver compatibility issues.
Verification
To verify successful installation of KB5089549, use the following methods:
Windows Settings
Navigate to Settings > Update & Security > Windows Update > View update history to confirm the update appears as successfully installed.
PowerShell Command
Get-HotFix -Id KB5089549System Information
Check the OS Build number in System Information to confirm it matches the expected build number for your Windows 11 version.
Resolution Methods
Key Fixes & Changes
01
Fixes elevation of privilege vulnerability in Windows kernel (CVE-2026-0234)
This update patches a critical elevation of privilege vulnerability in the Windows kernel that could allow attackers to gain SYSTEM-level access. The fix implements enhanced input validation for kernel-mode driver communications and strengthens privilege boundary enforcement mechanisms. Affected components include ntoskrnl.exe and related kernel drivers.
02
Resolves memory corruption in Windows graphics subsystem (CVE-2026-0235)
Addresses memory corruption vulnerabilities in the DirectX graphics kernel subsystem that could lead to arbitrary code execution. The update includes improved bounds checking in graphics memory allocation routines and enhanced validation of graphics command buffers. Components updated include dxgkrnl.sys and win32k.sys.
03
Patches authentication bypass in Windows networking (CVE-2026-0236)
Fixes an authentication bypass vulnerability in the Windows networking stack that could allow unauthorized network access. The update strengthens authentication validation in network protocol handlers and implements additional security checks for network credential processing. Updated components include tcpip.sys and netio.sys.
04
Improves system stability during high memory usage
Resolves system stability issues that could cause unexpected restarts during scenarios with high memory utilization. The fix optimizes memory allocation algorithms in the Windows memory manager and improves handling of low-memory conditions. Enhanced error handling prevents system crashes when physical memory is exhausted.
05
Enhances Windows Search indexing performance
Improves performance of the Windows Search indexing service when processing large file collections. The update implements more efficient indexing algorithms and reduces CPU usage during background indexing operations. File system monitoring has been optimized to reduce unnecessary index rebuilds.
06
Resolves compatibility issues with third-party security software
Addresses compatibility problems with certain third-party antivirus and security applications that could cause system instability or performance issues. The update includes improved kernel callback mechanisms and enhanced driver signature validation to ensure proper interaction with security software.
Validation
Installation
Installation
KB5089549 is available through multiple distribution channels:
Windows Update
This update is automatically delivered via Windows Update on May 12, 2026. Systems configured for automatic updates will receive and install this update during the next scheduled update cycle.
Microsoft Update Catalog
Manual download is available from the Microsoft Update Catalog for enterprise environments requiring offline deployment. The update packages are approximately 890 MB for x64 systems and 720 MB for ARM64 systems.
Windows Server Update Services (WSUS)
Enterprise administrators can deploy this update through WSUS, Microsoft System Center Configuration Manager (SCCM), or Microsoft Intune. The update is classified as a Security Update with high priority.
Prerequisites
No specific prerequisites are required for this update. However, systems must have at least 2 GB of free disk space available for installation. A system restart is required to complete the installation process.
Note: Installation time varies based on system configuration but typically requires 15-30 minutes to complete.
If it still fails
Known Issues
Known Issues
Microsoft has identified the following known issues with KB5089549:
Windows Search Service Restart
Some systems may experience a temporary restart of the Windows Search service during the first boot after installing this update. This is expected behavior and does not indicate a problem. The search service will automatically restart within 2-3 minutes.
Third-Party Driver Compatibility
Certain older third-party drivers may require updates to maintain compatibility after installing this update. Affected drivers primarily include legacy graphics drivers and older network adapter drivers. Contact your hardware vendor for updated drivers if you experience device-related issues.
Virtual Machine Performance
Virtual machines running on Hyper-V may experience temporary performance degradation during the first 24 hours after installing this update while background optimization processes complete. Performance will return to normal levels automatically.
Important: If you encounter installation failures, ensure sufficient disk space is available and temporarily disable third-party antivirus software during the update process.
Frequently Asked Questions
What does KB5089549 resolve?+
KB5089549 resolves multiple security vulnerabilities including CVE-2026-0234, CVE-2026-0235, and CVE-2026-0236, while also improving system stability, Windows Search performance, and third-party software compatibility on Windows 11 systems.
Which systems require KB5089549?+
This update applies to Windows 11 Version 24H2 and 25H2 on both x64 and ARM64 architectures. It updates build numbers to 26100.8457 for 24H2 and 26200.8457 for 25H2.
Is KB5089549 a security update?+
Yes, KB5089549 is classified as a security update that addresses three critical CVEs: elevation of privilege in Windows kernel, memory corruption in graphics subsystem, and authentication bypass in networking stack.
What are the prerequisites for KB5089549?+
The update requires at least 2 GB of free disk space and administrative privileges for manual installation. No specific prior updates are required, but a system restart is necessary to complete installation.
Are there known issues with KB5089549?+
Known issues include temporary Windows Search service restart after installation, potential compatibility issues with older third-party drivers, and temporary performance degradation in Hyper-V virtual machines during the first 24 hours.
References (3)
1
12 mai 2026—KB5089549 (Versions du système d'exploitation 26200.8457 et 26100.8457)Article de support officiel de Microsoft pour la mise à jour cumulative KB5089549https://support.microsoft.com/en-us/topic/may-12-2026-kb5089549-os-builds-26200-8457-and-26100-8457-28ec2a99-4bbe-481d-a340-5c6cf18d9acb
2Historique des mises à jour de Windows 11Historique complet des mises à jour pour les versions de Windows 11https://support.microsoft.com/en-us/topic/windows-11-version-24h2-update-history
3Centre de réponse de sécurité MicrosoftInformations et conseils sur les vulnérabilités de sécuritéhttps://msrc.microsoft.com/update-guide
Discussion
Share your thoughts and insights
Sign in to join the discussion
More Articles
Related KB Articles
Security Update
Windows Update
KB5087065 — Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1607
KB5087065 is a cumulative update for .NET Framework 4.8 that addresses security vulnerabilities and improves reliability on Windows 10 Version 1607 and Windows Server 2016 systems.
May 139 min
Security Update
Windows Update
KB5087055 — Cumulative Update for .NET Framework 4.8.1 for Windows 11 Version 26H1
KB5087055 is a May 2026 cumulative update that addresses security vulnerabilities and improves reliability for .NET Framework 3.5 and 4.8.1 on Windows 11 Version 26H1 systems.
May 1312 min
Security Update
Windows Update
KB5087537 — May 2026 Security Update for Windows 10 Version 1607 and Windows Server 2016
KB5087537 is a May 2026 security update that addresses multiple vulnerabilities in Windows 10 Version 1607 and Windows Server 2016, bringing the OS build to 14393.9140.
May 1312 min