Overview

On May 13, 2025, as part of its regular Patch Tuesday schedule, Microsoft released the cumulative update KB5058405 for Windows 11 versions 22H2 and 23H2. This update advances the operating system builds to 22621.5335 and 22631.5335, respectively. The primary focus of this release is to address critical security vulnerabilities and resolve various system bugs, thereby enhancing the overall stability and performance of Windows 11.

Key Highlights

  • Security Enhancements: The update includes patches for multiple security vulnerabilities, reinforcing the system's defenses against potential threats.
  • Bug Fixes: Several known issues affecting system performance and user experience have been addressed.
  • Enterprise Impact: The update introduces changes that are particularly relevant for enterprise environments, including improvements in authentication protocols and system reliability.

Detailed Analysis

Security Fixes

The KB5058405 update addresses several security vulnerabilities, including:

  • Kerberos Authentication Vulnerability (CVE-2025-26647): This update includes protections for a vulnerability in the Kerberos authentication protocol. Microsoft has outlined a phased deployment to enforce these protections, starting with an audit mode in April 2025, moving to enforcement by default in July 2025, and full enforcement by October 2025. Administrators are advised to ensure all domain controllers are updated and to configure the associated registry key appropriately.
  • System Guard Runtime Monitor Broker Service Issue: An issue where the System Guard Runtime Monitor Broker service (SgrmBroker.exe) terminated unexpectedly has been resolved. This service is crucial for maintaining system integrity and security.

Bug Fixes

The update also resolves several bugs, including:

  • Remote Desktop Freezing: After installing previous updates, users experienced freezing issues during Remote Desktop sessions. This problem has been addressed in the current update.
  • Authentication Failures Due to Password Rotation Issues: Devices using the Identity Update Manager certificate/Pre-Bootstrapping Key Initialization (PKINIT) protocol faced authentication failures due to improper password rotation. This issue has been resolved, ensuring smoother authentication processes.

Enterprise Impact

For enterprise environments, the KB5058405 update brings significant improvements:

  • Active Directory Group Policy Reporting: An issue where audit logon/logoff events in the local policy of Active Directory Group Policy did not display correctly has been fixed. Accurate reporting is essential for compliance and security monitoring.
  • Citrix Compatibility: Devices with certain Citrix components installed previously faced issues completing Windows security updates. This update resolves compatibility issues with Citrix Session Recording Agent version 2411, ensuring smoother update processes.

Technical Details

  • OS Builds: Post-update, Windows 11 versions 22H2 and 23H2 will have OS builds 22621.5335 and 22631.5335, respectively.
  • Servicing Stack Update: The update includes quality improvements to the servicing stack, ensuring a robust and reliable update process.
  • Installation: The update is available through Windows Update and Microsoft Update Catalog. It is recommended to install the latest servicing stack update (SSU) before applying this cumulative update to ensure a smooth installation process.
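
The build numbers above give a direct way to confirm deployment. The following PowerShell is an added example, not code from Microsoft or from the original article: it classifies hosts by OS build string against the KB5058405 level. The function names, host names and inventory rows are constructed for illustration.

```powershell
# Added example, not Microsoft's code. Build numbers come from the article;
# function names, host names and the inventory rows are constructed.
$Baseline = @{ 22621 = 5335; 22631 = 5335 }   # 22H2, 23H2 -> KB5058405 revision

function Get-Kb5058405Status {
    param(
        [Parameter(Mandatory)][string]$ComputerName,
        [Parameter(Mandatory)][string]$OsBuild    # "22631.5335" or "10.0.22631.5335"
    )
    $status = 'Unparseable'
    $build = 0; $ubr = 0
    $parts = $OsBuild.Trim().Split('.')
    # The last two dotted fields are the build number and the update revision (UBR).
    if ($parts.Count -ge 2 -and
        [int]::TryParse($parts[-2], [ref]$build) -and
        [int]::TryParse($parts[-1], [ref]$ubr)) {
        if (-not $Baseline.ContainsKey($build)) {
            $status = 'NotApplicable'          # not Windows 11 22H2/23H2
        } elseif ($ubr -ge $Baseline[$build]) {
            $status = 'AtOrAboveKB5058405'     # later cumulative updates raise the UBR
        } else {
            $status = 'MissingKB5058405'
        }
    }
    [pscustomobject]@{ ComputerName = $ComputerName; OsBuild = $OsBuild; Status = $status }
}

function Get-LocalOsBuild {
    # CurrentBuild and UBR are the registry values behind the build shown by winver.
    $cv = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
    '{0}.{1}' -f $cv.CurrentBuild, $cv.UBR
}

# Constructed inventory rows, e.g. exported from an endpoint management tool.
$inventory = @(
    @{ ComputerName = 'WS-001'; OsBuild = '10.0.22631.5335' }
    @{ ComputerName = 'WS-002'; OsBuild = '22621.5262' }
    @{ ComputerName = 'WS-003'; OsBuild = '10.0.26100.4061' }
    @{ ComputerName = 'WS-004'; OsBuild = 'unknown' }
)
$results = foreach ($row in $inventory) { Get-Kb5058405Status @row }
$results | Format-Table -AutoSize
```

To check the machine the script runs on, pass (Get-LocalOsBuild) as -OsBuild and $env:COMPUTERNAME as -ComputerName.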

Conclusion

The Windows 11 May 2025 Update KB5058405 is a critical release that addresses key security vulnerabilities and system bugs, with a particular focus on enterprise environments. IT administrators are encouraged to deploy this update promptly to maintain system security and stability.