Microsoft releases KB5083769 for Windows 11 25H2 and 24H2 with security fixes and reset bug repair
4 min. read 
Published on
Microsoft has released KB5083769 for Windows 11 versions 25H2 and 24H2 as the April 2026 Patch Tuesday cumulative update. The release raises systems to build 26200.8246 on version 25H2 and build 26100.8246 on version 24H2.
This is a mandatory security update, so eligible devices will download and install it through Windows Update. Microsoft also made it available through the Microsoft Update Catalog, Windows Server Update Services, and Windows Update for Business.
Access content across the globe at the highest speed rate.
70% of our readers choose Private Internet Access
70% of our readers choose ExpressVPN
Browse the web from multiple devices with industry-standard security protocols.
Faster dedicated servers for specific actions (currently at summer discounts)
Beyond the usual security fixes, KB5083769 adds a few visible improvements. Microsoft says the update strengthens Remote Desktop protection against malicious .rdp files, improves SMB compression reliability over QUIC, and fixes a “Reset this PC” problem that could break the Keep my files and Remove everything options after the March hotpatch update KB5079420.
What changes in KB5083769
One of the most notable additions is a new safety layer for Remote Desktop files. Microsoft says that when users open an .rdp file, Remote Desktop now shows all requested connection settings before connecting, with each setting turned off by default. Windows also shows a one-time warning the first time a device opens an .rdp file.
Microsoft also says the update improves networking reliability when Windows uses SMB compression over QUIC. In its wording, SMB compression requests should now complete more consistently, which reduces timeout risk and makes transfers smoother.
Another practical fix targets the reset failure tied to the March 2026 hotpatch update KB5079420. Microsoft says KB5083769 resolves an issue that could cause device reset to fail when users picked Keep my files or Remove everything.
AI components and servicing stack details
Microsoft also bundles updated AI components with this release. The company lists Image Search, Content Extraction, Semantic Analysis, and Settings Model at version 1.2603.377.0.
There is one limit here. Microsoft says those AI component updates only apply to Windows Copilot+ PCs, and they will not install on standard Windows PCs or Windows Server systems.
The release also includes a servicing stack update, KB5088467, version 26100.8247. Microsoft says servicing stack updates improve the reliability of the component that installs future Windows updates.
Known issue: some devices may ask for a BitLocker recovery key
Microsoft has flagged one known issue in KB5083769. Some managed devices with what the company calls an unrecommended BitLocker Group Policy configuration may be asked for their BitLocker recovery key on the first restart after installation.
According to Microsoft, the issue only affects a limited set of systems where BitLocker is enabled on the OS drive, PCR7 is explicitly included in the TPM validation profile, msinfo32.exe shows Secure Boot State PCR7 Binding as Not Possible, the Windows UEFI CA 2023 certificate is present, and the device is not already using the 2023-signed Windows Boot Manager.
Microsoft says the recovery prompt should appear only once if the policy remains unchanged. For enterprises, the company recommends auditing BitLocker policies before wide rollout. It also says a Known Issue Rollback is available for customers that cannot remove the PCR7 Group Policy before deploying the update.
KB5083769 at a glance
| Item | Details |
|---|---|
| Update | KB5083769 |
| Release date | April 14, 2026 |
| Windows 11 25H2 build | 26200.8246 |
| Windows 11 24H2 build | 26100.8246 |
| Includes | Security fixes, Remote Desktop protections, networking reliability improvements, reset bug fix |
| Servicing stack update | KB5088467, version 26100.8247 |
| AI component version | 1.2603.377.0 |
| Known issue | Some managed devices may require a BitLocker recovery key once after restart |
What Windows 11 users and admins should do
- Install KB5083769 through Settings > Windows Update
- Prioritize testing if your environment uses BitLocker with custom PCR7-related Group Policy settings
- Check whether recent reset failures on affected devices disappear after this update
- Review Remote Desktop file handling changes if your users open
.rdpattachments or shared connection files - Use the Microsoft Update Catalog or WSUS for managed deployments
FAQ
It is the April 14, 2026 cumulative security update for Windows 11 versions 25H2 and 24H2. It moves systems to builds 26200.8246 and 26100.8246.
Microsoft says it includes security fixes, stronger protections for Remote Desktop .rdp files, better SMB compression reliability over QUIC, and a fix for a device reset failure linked to KB5079420.
Yes, but only for Windows Copilot+ PCs. Microsoft lists updated AI components at version 1.2603.377.0.
Yes. Some devices with a specific BitLocker Group Policy setup may need the BitLocker recovery key on the first restart after installation.
Read our disclosure page to find out how can you help VPNCentral sustain the editorial team Read more
Improve this guide
User forum
0 messages