Microsoft Releases Windows 11 Update KB5074105: Key Enhancements and Critical Security Advisory
Microsoft has officially released the optional non-security preview update KB5074105 for Windows 11 versions 25H2 and 24H2. This update, part of the January 2026 C-week schedule, focuses on enhancing functionality, optimizing performance, and improving system reliability, rather than addressing security vulnerabilities.
Key Highlights of KB5074105:
1. Cumulative Enhancements: This update integrates previous fixes and introduces new changes to the operating system’s servicing stack and AI-driven components, ensuring a more seamless user experience.
2. Critical Security Advisory: Microsoft has included an important notification regarding the impending expiration of Windows Secure Boot certificates. These certificates, utilized by the majority of Windows devices, are set to expire starting in June 2026. Administrators and users must prioritize updating these certificates before the deadline to prevent potential boot issues. Failure to update may result in devices being unable to boot securely. Microsoft strongly recommends reviewing the guidance on Certificate Authority (CA) updates to avoid operational disruptions.
3. Simplified Update Titles: To streamline administrative processes, Microsoft has implemented a simplified title format for Windows updates beginning with this release. The new naming convention removes redundant technical elements, such as platform architecture (e.g., x64-based systems), while retaining essential identifiers, including the date prefix, KB number, and build version. This change aims to improve readability in log files and deployment tools like Windows Server Update Services (WSUS) and Microsoft Configuration Manager.
4. AI Component Refinements: The KB5074105 update introduces significant refinements to the underlying models powering Copilot+ PC experiences and standard Windows 11 AI features. These updates are delivered through a phased rollout, meaning availability may vary initially before reaching general availability. The specific component versions updated in this release are detailed below:
– Image Search: Version 1.2601.1268.0
– Content Extraction: Version 1.2601.1268.0
– Semantic Analysis: Version 1.2601.1268.0
– Settings Model: Version 1.2601.1268.0
5. Servicing Stack Update (SSU): This cumulative update includes the Servicing Stack Update (SSU) KB5074104, which brings the servicing stack version to 26100.7704. The SSU is responsible for installing Windows updates, ensuring the update engine itself remains robust. Microsoft combines the latest SSU with the Latest Cumulative Update (LCU) to prevent version mismatches during deployment. Consequently, users cannot uninstall the SSU portion of this package once it has been applied.
Installation and Deployment:
IT administrators looking to deploy this update can access it via Windows Update for Business, the Microsoft Update Catalog, or WSUS. For those needing to remove the LCU portion of the package for troubleshooting purposes, the standard `wusa.exe /uninstall` switch will fail due to the combined SSU payload. Instead, administrators must utilize the Deployment Image Servicing and Management (DISM) tool. The specific syntax requires the `/Remove-Package` option combined with the precise LCU package name, which can be retrieved by running `DISM /online /get-packages` in an elevated command prompt. Microsoft reports no currently known issues associated with this release.
