Windows 11 May 2026: KB5089549 update fails in the ESP with just 10 MB free and how to mitigate it

Microsoft confirms that the May 2026 security update for Windows 11 (KB5089549) can fail in teams with very little free space in the EFI (ESP) partition, causing 0x800f0922 errors and an automatic drawback of the installation around 35-36% during restart. The company expressly identifies equipment with approximately 10 MB or less free in the ESP as the most affected.

Users who run into this problem often see the generic message "Something didn't go as planned. Undoing changes." when the update fails and, in the records, entries like "SpaceCheck: Insufficient free space" or "ServicngBootFiles failed. Error = 0x70" that point to the lack of space in that partition. Since the ESP contains critical boot and manufacturer files, the update cannot write the necessary artifacts and is reversed to avoid leaving the equipment unusable.

The main practical risk is that the affected equipment will not receive safety patches until the problem is solved or a mitigation is applied, which increases the exposure window. In addition, this incident is in addition to other recent update problems (for example, re-start BitLocker recovery or incompatibilities with backup applications) that force IT administrators and managers to pass the tests before deploying massive updates.

For domestic users and administrators there are two immediate ways. Microsoft recommends using the function Known Issue Rollback (KIR) as temporary mitigation: KIR reverses problem change to allow the team to receive other updates. The official update entry with the problem description is in the KB5089549 page, where Microsoft keeps the status and recommendations up to date.

If you want to check on your own if the ESP is the problem, do it with caution and prior backup: open a system symbol as an administrator, run diskpart and follow the basic instructions to temporarily assign a letter to the EFI partition (e.g.: list disk → select disk 0 → list partition → select partition N → assign letter = Z). With the letter assigned you can see the size and free space from the File Explorer or from the dir command. Do not delete files without confirming their origin: many files in the ESP belong to manufacturers or OEM and their indiscriminate deletion may cause the equipment to not boot. If you are going to modify partitions or remove boot files, make a full backup and, if appropriate, suspend BitLocker before touching the ESP.

In managed environments, Microsoft has published an option to deploy mitigation by group policy: it manages and installs the corresponding Known Issue Rollback package and reinitiates the equipment to apply the configuration. Managers will find instructions to deploy KIR through directives in Microsoft documentation and can also download the MSI mitigation provided by Microsoft; it is appropriate to test first in a pilot ring before applying throughout the fleet and monitoring the results. More details on the implementation of the policy are available in the official guide in Microsoft Docs.

If the permanent solution increases the size of the ESP (e.g. by rescaling partitions during the image or using partitioning tools), do so only with verified procedures and preferably with manufacturer support, as moving or redimensioning boot partitions on machines with UEFI and BitLocker firmware is delicate. Another safe alternative is to work with OEM support to remove non-essential files that occupy the ESP, always after validating its function.

Final practical recommendation: do not ignore security updates for fear of failure; instead, confirm whether your equipment is affected by reviewing the installation records and space in the ESP, apply Known Issue Rollback as appropriate and coordinate with OEM support or your IT team to increase the ESP or safely clean other files. Keep backup and a test ring before you deploy massive changes to minimize operational risks.