KB5082200: Windows 10 gets 167 corrections, two zero-day vulnerabilities exploited and RDP and Secure Boot improvements

Microsoft has published the extended security update KB5082200 for Windows 10, corresponding to the April 2026 Patch Tuesday. This is mainly a package aimed at resolving vulnerabilities and correcting errors. including 167 corrected failures and two day-to-day vulnerabilities exploited at large, according to the company's official record.

The update is aimed at Windows 10 facilities with extended support, in particular with Windows 10 Enterprise LTSC 2021 and devices included in the Extended Security Updates (ESU) program. If your computer is part of any of these groups, you can get the update from Settings > Windows Update by performing a manual update check; Microsoft explains the steps and scope of this patch on the support page dedicated to KB5082200 ( official Microsoft detail).

After installing KB5082200, the affected versions will rise from build: Windows 10 teams will receive build 19045,7184, while Windows 10 Enterprise LTSC 2021 will move to build 19044,7184. Microsoft indicates that it does not introduce new wide-ranging features for Windows 10 (the platform stopped receiving main features), but does incorporate important security improvements and corrections.

Among the most relevant functional developments that the update brings is greater protection against phishing attacks that abuse Remote Desktop files (.rdp). Now, when you open a .rdp, the connection first shows the requested options and leaves them inactive by default, and also a security warning appears the first time you open that type of file on the computer. Microsoft offers more context on how these warnings work in its security documentation when opening RDP files ( official explanation of RDP warnings).

Another remarkable improvement has to do with Secure Boot: the Windows Security app can now show dynamic indicators on the status of safe boot and the implementation of new Secure Boot certificates. This allows managers and users to see if your team already received the updated certificates, a useful visibility because Microsoft is replacing old certificates (some issued in 2011) that expire in June 2026. The company details the management and schedule of these changes on its page about the expiry and updating of Secure Boot certificates ( state information and alerts in Windows Security) and in the historical note on the expiry of licences ( Secure Boot Certificate Update).

A practical concern that corrects this patch is a problem that made some Intel devices with Connected Standby enter the BitLocker recovery screen after reboot. With KB5082200, this scenario is solved and high-confidence telemetry data are also incorporated in quality updates to allow a more controlled and phased implementation of the new Secure Boot certificates: the teams only receive the certificates once they demonstrate successful update signals, thus minimizing mass impacts.

It also addresses a failure that, from previous updates (mentioned by Microsoft as having occurred since March 10, 2026), could prevent you from logging into applications with Microsoft accounts, showing a "no Internet" error even with operational connection and blocking access to services like Teams. That regression has been addressed in the package.

Microsoft does not report known problems associated with KB5082200 at the time of its publication, and the update notes the corrections applied. If you prefer a second opinion or a more journalistic reading on patch distribution and content, specialized media have covered the launch and its implications; one example is the BleepingComputer piece on KB5082200 ( article in BleepingComputer), which synthesizes key points and provides context.

For IT administrators and equipment the recommendation is clear: plan the implementation following the usual test practices in controlled environments prior to mass deployment, check the compatibility with encryption solutions like BitLocker and review the new Secure Boot signals in the Windows Security app once the patch is applied. If you need guidance to update equipment manually, Microsoft collects general instructions on how to update Windows 10 in its help center ( How to update Windows 10).

In short, KB5082200 is a security-focused delivery that corrects operating failures and reinforces specific defences such as protection against malicious RDP files and traceability of the deployment of Secure Boot certificates. If your organization still maintains equipment with extended support, this update should be prioritized and validate their behavior in critical systems before activating overall deployment.