Microsoft Releases Windows 10 KB5087544 Extended Security Update for May 2026 Patch Tuesday
Microsoft released the Windows 10 KB5087544 extended security update on May 2026 Patch Tuesday, fixing 120 vulnerabilities and addressing a Remote Desktop Connection warning rendering issue.
Microsoft has released the Windows 10 KB5087544 extended security update as part of its May 2026 Patch Tuesday, addressing a total of 120 vulnerabilities. The update is available for Windows 10 Enterprise LTSC and systems enrolled in the Extended Security Updates (ESU) program. After installation, Windows 10 is updated to build 19045.7291, while Windows 10 Enterprise LTSC 2021 reaches build 19044.7291.
The KB5087544 update primarily contains security fixes and bug fixes, as Microsoft is no longer releasing new features for Windows 10. Among the key fixes is a resolution for a Remote Desktop Connection security warning dialog that rendered incorrectly in multi-monitor configurations with different display scaling settings. This issue was introduced by the April 14, 2026 security update (KB5087544).
The update also enables dynamic status reporting for Secure Boot states in the Windows Security App. Additionally, Windows quality updates now include higher confidence device targeting data, increasing the coverage of devices eligible to automatically receive new Secure Boot certificates. Devices receive the new certificates only after demonstrating sufficient successful update signals, maintaining a controlled and phased rollout.
Microsoft has also updated Daylight Savings Time support for the Arab Republic of Egypt to comply with the government's DST change order from 2023. This ensures that systems in Egypt correctly reflect the current time zone regulations.
A known issue in this update causes Windows to prompt users to enter their BitLocker recovery key after installing recent updates. The problem affects systems using a specific BitLocker Group Policy configuration that includes PCR7 in the TPM validation profile, along with several Secure Boot and boot manager conditions tied to the newer Windows UEFI CA 2023 certificate. As a temporary workaround, Microsoft advises removing the affected Group Policy setting and then suspending and resuming BitLocker to regenerate the default PCR bindings while it works on a permanent fix.
Users running Windows 10 Enterprise LTSC or enrolled in the ESU program can install this update by going to Settings, clicking on Windows Update, and manually performing a 'Check for Updates.' The update is cumulative and includes all previous security fixes, making it essential for maintaining system security.
This Patch Tuesday release underscores Microsoft's continued commitment to securing its legacy Windows 10 platform, even as the company focuses development efforts on Windows 11. Organizations still relying on Windows 10 should prioritize deploying this update to mitigate the 120 vulnerabilities addressed and to resolve the Remote Desktop and BitLocker issues.