Skip to main content
TechnologyJul 15, 2026· 3 min read

Microsoft Updates Windows 10: KB5099539 Update Fixes 570 Vulnerabilities

Microsoft has released KB5099539, the extended security update for Windows 10 that brings the operating system to build 19045.7548 (build 19044.7548 for Windows 10 Enterprise LTSC 2021). The package includes the July 2026 Patch Tuesday fixes, a record month with 570 vulnerabilities resolved, including two zero-days already exploited in real attacks and one disclosed publicly before the patch.

The update only applies to devices subscribed to the Extended Security Updates (ESU) program or installations of Windows 10 Enterprise LTSC. It is worth noting that last month, Microsoft unexpectedly extended the free ESU program for consumers by an additional year, pushing the security coverage deadline to October 12, 2027. Those who meet these requirements can download the package through the usual path: Settings, Windows Update, check for updates manually.

Fixes Included in the Package

As there are no longer new features being developed for Windows 10, KB5099539 focuses on bug fixes and security patches. Among the resolved issues is a defect in OLE Automation (oleaut32.dll) introduced by the June 2026 security update, which caused applications invoking the IDispatch::Invoke method with BYREF parameters shared across the same memory area to fail.

An anomaly in File Explorer has also been fixed, which would stop responding to the OneDrive link when the application was run with administrative privileges. A cosmetic issue with the Recycle Bin is also corrected: the confirmation window for permanently deleting a file could show the internal name of the file rather than the original one.

On the input management front, Microsoft reports a change in the behavior of disabling and cleaning hotkeys: in rare cases, some native Windows features might temporarily stop responding to certain keyboard shortcuts. The problem is usually resolved by restarting the involved app; if not, it should be reported via Feedback Hub.

For Secure Boot, the update introduces dynamic status reporting directly in the Windows Security app and expands the coverage of devices eligible to automatically receive new certificates, whose issuance will continue in the coming months on supported PCs and unmanaged business devices.

The network section is more delicate: KB5099539 introduces stricter security measures that impose registration requirements for TDI transports. Applications relying on sockets with unregistered third-party TDI transports risk stopping working after installation, while those that are properly registered remain unaffected. To check if a device is involved, simply look for events AFD ID 16003 in the system log in the Event Viewer, which indicate an unregistered TDI provider detected by the system.

New features for Remote Desktop include support for SHA-2 certificate fingerprints for trusted RDP publishers, while SHA-1 remains available only for compatibility and will be removed in the future. Microsoft advises IT administrators to migrate as soon as possible to SHA-256 or stronger algorithms to avoid interruptions when legacy support is eliminated. Additionally, indications via Group Policy have been introduced to manage the security of .rdp files, useful for mitigating phishing risks by controlling which files users can open.

Aside from the highlighted points, Microsoft does not report any further known issues related to this release.