Microsoft Releases Critical Security Update for Windows 10 Addressing 570 Vulnerabilities

Microsoft Releases Critical Security Update for Windows 10 Addressing 570 Vulnerabilities

First seen 14 Jul 2026, 19:58 UTC Feeds.4SysopsBleepingcomputersupport.microsoft.com 90% similarity 72.5

Article Content

Browse articles
ThreatCluster

On July 14, 2026, Microsoft released the Windows 10 KB5099539 extended security update, addressing a record 570 vulnerabilities, including two actively exploited zero-day flaws. This update is part of the July 2026 Patch Tuesday cycle and extends the free Extended Security Updates (ESU) program for consumers until October 12, 2027. The update primarily includes security fixes and bug corrections, with significant changes to TDI transport registration requirements that may affect legacy applications. Users running Windows 10 Enterprise LTSC or enrolled in the ESU program can install this update via Windows Update. The update also introduces security hardening changes for Remote Desktop Protocol (RDP) and addresses compatibility issues in OLE Automation and File Explorer. Organizations are advised to migrate to SHA-256 thumbprints for RDP to mitigate phishing risks. The update is crucial for maintaining security as Microsoft no longer releases new features for Windows 10.

Key Points: • Microsoft's KB5099539 update addresses 570 vulnerabilities, including two zero-days. • The free Extended Security Updates (ESU) program for Windows 10 is extended until October 2027. • New TDI transport registration requirements may disrupt legacy applications.

ThreatCluster AI

Timeline

2026-07-14
Microsoft releases KB5099539 update
The update addresses 570 vulnerabilities, including two zero-day flaws and extends the ESU program for consumers.
Bleepingcomputer
2026-07-14
Security hardening for TDI transports introduced
New requirements enforce TDI transport registration, affecting applications using unregistered transports.
support.microsoft.com
2026-07-14
RDP security enhancements implemented
Support for SHA-2 certificate thumbprints added for trusted RDP publishers to reduce phishing risks.
support.microsoft.com

Community

Browse all →