Microsoft has shipped a new out-of-band cumulative update, KB5089573, targeting Windows 11 versions 25H2 and 24H2 to permanently resolve the installation failures that disrupted May 2026’s Patch Tuesday rollout.
Carrying OS builds 26200.8524 and 26100.8524, the update eliminates the need for previously issued workarounds and restores normal patching operations for affected devices.
The May 2026 security update triggered widespread error code 0x800f0922 on machines with 10 MB or less of free space on the EFI System Partition (ESP).
Affected systems would stall during the reboot phase at approximately 35–36% completion, leaving devices in an inconsistent state and blocking further security updates from applying.
Microsoft’s interim response included a Known Issue Rollback (KIR) for consumer devices, while enterprise administrators were directed to a registry-based workaround modifying the EspPaddingPercent value. KB5089573 permanently resolves the underlying issue, rendering both workarounds obsolete.
Beyond the headline bug fix, this cumulative update delivers several notable additions across gradual and normal rollout phases:
- AI Component Updates: Core AI modules Image Search, Content Extraction, Semantic Analysis, and Settings Model updated to version 1.2605.856.0
- Personalization Improvements: New personalization features added May 28, 2026, currently rolling out gradually to eligible devices
- Servicing Stack Update: Bundles SSU KB5092734 (version 26100.8519), strengthening the update installation pipeline for improved reliability
The phased rollout model means not all devices will receive every feature simultaneously, as Microsoft monitors stability before broad deployment.
This update does not appear in the standard automatic update pipeline immediately. To manually trigger installation:
- Navigate to Start > Settings > Windows Update > Advanced Options > Optional Updates
- Select the update under “Optional updates available”
IT administrators can also deploy via Windows Update for Business, the Microsoft Update Catalog, or Windows Server Update Services (WSUS).
Microsoft has bundled the SSU KB5092734 directly into the cumulative package a standard practice to ensure future update reliability. However, this creates an important administrative consideration: the combined SSU+LCU package cannot be uninstalled using wusa.exe /uninstall.
Removal requires the DISM /Remove-Package command-line tool targeting the LCU package name specifically. The SSU component itself cannot be removed once installed, so administrators should test deployment in staging environments before broad enterprise rollout.
Microsoft currently reports no known issues with KB5089573 a clean deployment record that stands in stark contrast to last month’s troubled update cycle. For security teams, this is a high-priority remediation: systems stalled with error 0x800f0922 following May Patch Tuesday have been running without the latest security fixes for weeks.
Organizations and individual users who experienced stalled Windows Update queues or persistent installation failures should prioritize this update immediately to close the patching gap, restore update infrastructure integrity, and ensure continued compliance with security baselines.
No Comment! Be the first one.