Table of Contents
- What specific bugs does Microsoft fix in the Windows 11 KB5074109 patch?
- Advisor’s Report: Microsoft Patch Tuesday (January 13, 2026)
- Windows 11 Updates
- Version 24H2 & 25H2 (Update KB5074109)
- Version 23H2 (Update KB5073455)
- Windows 10 Updates (ESU & LTSC Only)
- Version 21H2 – 22H2 (Update KB5073724)
- Enterprise 2019 LTSC (Update KB5073723)
- Enterprise 2016 LTSC (Update KB5073722)
- Universal System Changes (All Versions)
- Deprecation of Legacy Modem Drivers
- WinSqlite3.dll Security Adjustment
- Secure Boot Phased Rollout
What specific bugs does Microsoft fix in the Windows 11 KB5074109 patch?
Advisor’s Report: Microsoft Patch Tuesday (January 13, 2026)
On January 13, 2026, Microsoft deployed its scheduled cumulative updates for Windows 10 and Windows 11. This cycle focuses heavily on stabilizing core system functions and retiring outdated hardware support.
Security remains the priority. This update addresses critical vulnerabilities detailed in the Microsoft Security Update Summary. Below is a technical breakdown of how these changes impact your infrastructure and daily workflow.
Windows 11 Updates
Microsoft segments these updates based on your specific version build.
Version 24H2 & 25H2 (Update KB5074109)
This cumulative update targets the most recent Windows 11 builds. It resolves specific instability issues that affect power management and networking.
- Neural Processing Unit (NPU) Power Drain: The update fixes a bug where devices with an NPU failed to power down correctly. Your device should now conserve battery efficiently during idle periods.
- WSL Networking Logic: Engineers resolved a routing failure in the Windows Subsystem for Linux (WSL). Previously, mirrored networking caused “No route to host” errors during VPN use. This patch restores seamless access to corporate resources.
- Azure Virtual Desktop Stability: Users previously facing disconnection issues with RemoteApp in Azure environments will see improved stability. This fix specifically addresses regressions introduced in update KB5070311.
- WDS Hardening: Windows Deployment Services (WDS) now disables hands-free deployment by default. IT administrators must review the new hardening guidance to adjust their deployment workflows.
Version 23H2 (Update KB5073455)
Note: This update applies only to Enterprise and Education editions. Home and Pro editions reached End of Service in November 2025.
- Application Crash Fixes: Microsoft repaired a critical input bug causing crashes in Outlook, Teams, Edge, Chrome, and Excel. You can now enter text in these applications without unexpected closures.
- Remote Desktop Protocol (RDP): The patch resolves a kernel issue that caused RDP connections to fail, which previously required a full device restart to clear.
Windows 10 Updates (ESU & LTSC Only)
Windows 10 mainstream support ended in October 2025. You must possess an Extended Security Update (ESU) license or run an LTSC version to receive these patches.
Version 21H2 – 22H2 (Update KB5073724)
This update serves machines running Windows 10 21H2 Enterprise LTSC and 22H2 with ESU. It focuses on the shared component fixes listed in the “Universal Changes” section below.
Enterprise 2019 LTSC (Update KB5073723)
This patch applies to Windows 10 2019 Enterprise LTSC (v1809) and IoT Enterprise LTSC. It integrates the same core security fixes and driver removals as the newer versions.
Enterprise 2016 LTSC (Update KB5073722)
For legacy systems on version 1607, this update addresses specific security vulnerabilities. Administrators must install the latest Servicing Stack Update (SSU) before applying this patch manually.
Universal System Changes (All Versions)
These changes affect both Windows 10 and Windows 11 environments.
Deprecation of Legacy Modem Drivers
Microsoft removed support for several aging modem drivers. Hardware relying on agrsm64.sys, agrsm.sys, smserl64.sys, or smserial.sys will cease functioning immediately after this update. You must upgrade any legacy communication hardware reliant on these files.
WinSqlite3.dll Security Adjustment
The update modifies WinSqlite3.dll, a core Windows component. This change prevents third-party security software from falsely flagging the file as vulnerable. Note that this file is distinct from the standard sqlite3.dll found in application folders.
Secure Boot Phased Rollout
Updates now carry high-confidence targeting data for Secure Boot. Your device will receive new Secure Boot certificates only after it sends sufficient success signals. This ensures a safe deployment that prevents boot failures.