New Microsoft Release Windows 10 Kb5073724 Extended Security Update - Expert Insights

Microsoft has released the KB5073724 extended security update to fix the Patch Tuesday security updates, including 3 zero-days and a fix for expiring Secure Boot certificates.

If you are running Windows 10 Enterprise LTSC or are enrolled in the ESU program, you can install this update like normal by going into Settings, clicking on Windows Update, and manually performing a 'Check for Updates.'

After installing this update, Windows 10 will be updated to build 19045.6809, and Windows 10 Enterprise LTSC 2021 will be updated to build 19044.6809.

Microsoft is no longer releasing new features for Windows 10, and the KB5073724 update contains only security fixes and bug fixes introduced by previous security updates.

With today's January 2026 Patch Tuesday, Microsoft has fixed 114 vulnerabilities, including three zero day flaws.

KB5073724 fixes an actively exploited elevation of privileges vulnerability in the built-in Agere modem drivers, a security flaw in the third-party WinSqlite DLL, and updates to address the upcoming expiration of Secure Boot certificates.

Since June 2025, Microsoft has warned that multiple Windows Secure Boot certificates issued in 2011 are expiring in 2026, and systems that do not update them risk breaking Secure Boot protections.

Signs third-party boot loaders and EFI applications.

These certificates are used to validate Windows boot components, third-party bootloaders, and Secure Boot revocation updates.  If the certificates expire, then Secure Boot may break, allowing threat actors to bypass protections.

As part of today's update, Microsoft is now rolling out targeted updates to systems that update Secure Boot certificates. These updates will be rolled out to additional systems over time.

Source: BleepingComputer