Attention all Windows 10 users: A critical security update is causing unexpected headaches, and you need to know about it! Microsoft's KB5068781 Extended Security Update (ESU), released as part of November's Patch Tuesday, is failing to install on some corporate-licensed devices, leaving them vulnerable. But here's where it gets controversial—despite purchasing and applying the necessary ESU licenses, businesses are still encountering the dreaded 0x800f0922 error, which rolls back the update after a restart. And this is the part most people miss: Microsoft has confirmed the issue but hasn’t provided a fix or workaround yet, leaving IT teams in limbo.
This update, the first of its kind for Windows 10, was supposed to bolster security for devices still relying on the aging OS. However, since its release, numerous business users have reported installation failures. One BleepingComputer reader shared their frustration: 'The update seems to install, but after a restart, it fails and rolls back with the 0x800f0922 error—despite our devices being fully licensed.' Microsoft has acknowledged the problem, stating it affects devices activated via Windows subscription activation through the Microsoft 365 Admin Center. But why is this happening, and why hasn’t a solution been provided?
Here’s the kicker: While Microsoft investigates, Windows admins are noticing another oddity—not all eligible devices are even flagged as needing the update, even when properly licensed. This raises questions about the reliability of Microsoft’s licensing and update distribution systems. Could this be a sign of deeper issues with how ESUs are managed? We’d love to hear your thoughts in the comments.
To add to the chaos, there’s no estimated timeline for a fix, leaving organizations scrambling to secure their systems. To help, BleepingComputer is hosting a free webinar on December 2 with Action1, focusing on modern patch management strategies to avoid such pitfalls. If you’re struggling with update rollouts, this could be a game-changer.
But let’s take a step back—why does this matter? As Model Context Protocol (MCP) becomes the standard for connecting large language models (LLMs) to tools and data, security teams are racing to protect these systems. Our free cheat sheet outlines 7 essential security best practices for MCP, ensuring you stay ahead of potential threats. Download it today and fortify your defenses.
So, what’s your take? Is Microsoft dropping the ball with this ESU rollout, or are these growing pains for an aging OS? Let us know in the comments—we’re all ears!
