Note
- EXPIRATION NOTICE
- IMPORTANT As of March 31, 2026, this update is no longer available from the Microsoft Update Catalog or other release channels. We recommend that you update your devices to the latest version of Windows.
Note
- Support for Windows 10 has ended on October 14, 2025
- After October 14, 2025, Microsoft will no longer provide free software updates from Windows Update, technical assistance, or security fixes for Windows 10. Your PC will still work, but we recommend moving to Windows 11.
- Learn more
Note
For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 10, version 1809, see its update history page.
Note
Important Windows updates do not install Microsoft Store application updates. If you are an enterprise user, see Microsoft Store apps - Configuration Manager. If you are a consumer user, see Get updates for apps and games in Microsoft Store.
Change log
| Change date | Change description |
|---|---|
| July 3, 2025 |
|
| June 12, 2025 |
|
| May 9, 2025 |
|
Summary
This cumulative update contains security and quality improvements. The following is a summary of the key issues that this update addresses. The bold text within the brackets indicates the item or area of the change we are documenting.
- This update addresses security issues for your Windows operating system.
If you installed earlier updates, only the new updates contained in this package will be downloaded and installed on your device.
For more information about security vulnerabilities, please refer to the new Security Update Guide website and the April 2025 Security Updates.
Windows 10 servicing stack update (KB5055662) - 17763.7125
Microsoft now combines the latest servicing stack update (SSU) for your operating system with the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing updates.
This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. To learn more about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.
Known issues in this update
Citrix
Symptoms
Devices that have certain Citrix components installed might be unable to complete installation of the January 2025 Windows security update. This issue was observed on devices with Citrix Session Recording Agent (SRA) version 2411. The 2411 version of this application was released in December 2024.
Affected devices might initially download and apply the January 2025 Windows security update correctly, such as via the Windows Update page in Settings. However, when restarting the device to complete the update installation, an error message with text similar to “Something didn’t go as planned. No need to worry – undoing changes” appears. The device will then revert to the Windows updates previously present on the device.
This issue likely affects a limited number of organizations as version 2411 of the SRA application is a new version. Home users are not expected to be affected by this issue.
Workaround
The issue has been resolved in Citrix Session Recording Agent version 2503, released on April 28, 2025, and newer versions.
For details, see the documentation provided by Citrix at "Microsoft's January Security Update Fails/Reverts on a machine with 2411 Session Recording Agent".
Active Directory Group Policy: Events in local policy
Symptoms
Audit Logon/Logoff events in the local policy of the Active Directory Group Policy might not show as enabled on the device even if they are enabled and working as expected. This can be observed in the Local Group Policy Editor or Local Security Policy, where local audit policies show the "Audit logon events" policy with Security Setting of "No auditing".
This issue might only manifest as a reporting inconsistency. It’s possible that logon events are correctly being audited on the device. However, the “Audit logon events” policy will reflect that this is not the case. Home users are unlikely to be affected by this issue, as logon auditing is generally only necessary in enterprise environments.
Resolution
This issue is resolved in the April 11, 2025—KB5058922 (OS Build 17763.7240) Out-of-band update. This out-of-band (OOB) update is available only on the Microsoft Update Catalog. Since this is a cumulative update, you do not need to apply any previous update before installing it, and it supersedes all previous updates. Installation of this OOB will require a device restart.
If your organization has not deployed this update yet and you utilize Active Directory Group Policy, we recommend you apply the April 11, 2025—KB5058922 (OS Build 17763.7240) Out-of-band update instead.
As always, we recommend you install the latest update for your device as it contains important improvements and issue resolutions, including this one.
If you install an update released on or after April 11, 2025, you do not need to use a workaround for this issue.
If you are using an update released before April 11, 2025, and are experiencing this issue, there are adjustments that can be made to the Windows registry to prevent this issue. For information, see "Security auditing settings are not applied to Windows Vista-based and Window Server 2008-based computers when you deploy a domain-based policy".
How to get this update
EXPIRATION NOTICE
IMPORTANT As of March 31, 2026, this update is no longer available from the Microsoft Update Catalog or other release channels. We recommend that you update your devices to the latest version of Windows.