Not a user yet?
Log in Register for free Suggest a product
Update

KB5082060: improves reliability when Windows uses SMB compression over QUIC

Windows Server 23H2Windows Server 23H2
Microsoft

April 14, 2026—KB5082060 (OS Build 25398.2274)

Improvements
This security update contains fixes and quality improvements from KB5078734 (released March 10, 2026). The following summary outlines key issues addressed by this update. Also, included are available new features. The bold text within the brackets indicates the item or area of the change.

[Graphics]

  • This update improves stability for certain GPU configurations. It helps games and 3D apps run more reliably during intensive graphics use.
  • This update improves stability affecting certain GPU configurations, helping devices shut down more reliably.​​​​​​​
  • [Kerberos protocol] This update changes the default DefaultDomainSupportedEncTypes value for Kerberos Key Distribution Center (KDC) operations to leverage AES-SHA1 for accounts that do not have an explicit msds-SupportedEncryptionTypes Active Directory attribute defined. For more information see, Windows Deployment Services (WDS) Hands-Free Deployment Hardening Guidance related to CVE-2026-0386.
  • [Networking] This update improves reliability when Windows uses SMB compression over QUIC. After you install this update, SMB compression requests over QUIC complete more consistently, reducing the likelihood of timeouts and supporting smoother, more dependable performance.
  • [Remote Desktop] This update improves protection against phishing attacks that use Remote Desktop (.rdp) files. When you open an .rdp file, Remote Desktop shows all requested connection settings before it connects, with each setting turned off by default. A one-time security warning also appears the first time you open an .rdp file on a device. For more information, see Understanding security warnings when opening Remote Desktop (RDP) files.
  • [Secure Boot] This update addresses an issue where the device might enter BitLocker Recovery after the Secure Boot updates.
  • [Windows Deployment Services (WDS)] This update disables the “Hands-Free Deployment” feature in WDS by default and is no longer a supported feature. For more information about this change, see Windows Deployment Services (WDS) Hands-Free Deployment Hardening Guidance related to CVE-2026-0386.
More updatesTo the product
Receive Important Update Messages Stay tuned for upcoming Microsoft updates

More from the Operating Systems section

Was the content helpful to you?

Advertisement Advertise here?
Udemy IT certification ad