Skip to main content
TechnologyApr 15, 2026· 3 min read

Windows 10, the new extended update fixes login bugs and more

The Patch Tuesday of April 2026 installs the cumulative update KB5082200 on Windows 10, bringing the operating system to builds 19045.7184 and 19044.7184. This update package is intended for systems enrolled in the Extended Security Updates (ESU) program and addresses several bugs that affected professional users in the previous weeks, particularly regarding authentication to Microsoft accounts and cloud service management.

One of the most anticipated fixes relates to the Sign-In process. After the March 2026 updates, several users reported being unable to access applications via Microsoft accounts, receiving a "no internet connection" error even when a fully functioning network was present. This bug hindered the use of essential tools like Microsoft Teams. With the new build, the issue is resolved, restoring proper communication between authentication services and the operating system.

Windows 10 KB5082200: Fixed access issues and RDP security

Microsoft has implemented significant security improvements to Remote Desktop (RDP). The goal is to combat phishing campaigns that exploit malicious .rdp files to steal credentials or establish unauthorized connections. With the installation of KB5082200, opening a remote configuration file will trigger a summary screen displaying all required connection settings. These parameters are now disabled by default, prompting the user to perform a conscious analysis before proceeding. Furthermore, on the first attempt to open an .rdp file on a new device, the system will display a specific security warning to increase the operator's alertness.

The hardware security sector sees the introduction of dynamic reporting for the Secure Boot status within the Windows Security app. Users can now monitor firmware protection through badges and direct notifications in the Settings > Update & Security path. However, this feature is disabled by default on commercial devices and servers to avoid redundancies in managed systems.

A pesky bug that caused BitLocker Recovery mode to activate following Secure Boot updates has also been fixed, an event that often blocked system boot requiring manual input of the recovery key. At the same time, Microsoft has optimized the rollout of new Secure Boot certificates, using high-reliability targeting data to ensure that automatic distribution occurs only on machines that have demonstrated stability during previous update phases.

Vulnerability Analysis: Two zero-days under attack

In addition to functional fixes, the April Patch Tuesday addresses a total of 167 vulnerabilities, of which eight are classified as "critical". Among these, two zero-day flaws stand out.

The first, identified as CVE-2026-32201, concerns a spoofing defect in Microsoft SharePoint Server that is actively exploited in real attacks. An unauthorized attacker can exploit incorrect input validation to view or modify sensitive information on the network.

The second zero-day vulnerability, CVE-2026-33825, is a privilege escalation bug in Microsoft Defender. The flaw allows obtaining system privileges (SYSTEM) and has been resolved through an update to the antimalware platform to version 4.18.26050.3011. Although the Defender update is automatic, Microsoft recommends manual verification via Virus & Threat Protection.

Finally, it is highly recommended to update Microsoft Office, as remote code execution (RCE) bugs in Word and Excel, which could be triggered through the simple document preview pane, have been fixed. The complete changelog of the update can be found on the official Microsoft support website.