On May 26, Microsoft released KB5089573, an optional non-security preview update for Windows 11 versions 24H2 and 25H2. The update moved supported PCs to builds 26200.8524 and 26100.8524 respectively, while adding features like Bluetooth Shared Audio, neural processing unit (NPU) reporting in Task Manager, and a fresh crop of reliability fixes. But the release also serves as a warning flare: the prior May 12 security update, KB5089549, can still fail to install with error 0x800f0922 on systems where a hidden partition runs out of room—a problem that will become critical as Microsoft gears up to refresh Secure Boot certificates across millions of devices.
What actually arrived in KB5089573
The preview update is a mixed bundle. For users, the most visible additions include:
- Shared Audio: Two people can listen to the same audio stream from one PC using Bluetooth LE Audio, if the hardware and paired devices support it.
- Magnifier improvements: Clearer screen-reader announcements, support for protected content, and smoother lens-mode behavior.
- Task Manager NPU columns: Neural processing usage now appears under Processes, Users, Details, and Performance pages—covering NPU engine, dedicated memory, shared memory, and activity. This makes accelerated AI workloads observable, not just a marketing promise.
- Multi-App Camera: Multiple applications can access the camera stream simultaneously, with a new Basic Camera mode for stability and troubleshooting. Enterprise admins can control both modes through Group Policy under Windows Components.
- Custom user folder name during setup: On the Device Name page, you can now pick a user folder name instead of having Windows derive one from your Microsoft account or truncate it awkwardly.
Reliability fixes are stacked deep. App launch speed, Start, Search, and Action Center are quicker. Windows Hello recovers better after Modern Standby and shows consistent sign-in methods on the lock screen. USB4 displays behind docks, USB3 resilience, battery sensors, touch keyboard on sign-in, clipboard history, and explorer.exe stability all see small but meaningful improvements. The Microsoft Store got better download performance and now provides clearer error messages when group policies block downloads. Even Times New Roman rendering got a fix for diacritical marks across Greek and Cyrillic scripts—a typography fix that matters for readability in those languages.
AI components were updated to version 1.2605.856.0 (Image Search, Content Extraction, Semantic Analysis, and Settings Model), but they apply only to Copilot+ PCs and won’t install on ordinary hardware. This pattern—AI payloads riding the same cumulative channel as security and reliability fixes—underscores how quickly Windows 11 is being reshaped around neural hardware.
The hidden partition that’s breaking updates
Despite the feature list, the most urgent story is a known issue carried over from the May 12 security update, KB5089549. Some devices fail to complete installation with error 0x800f0922 when the EFI System Partition (ESP) has very little free space—typically 10 MB or less. The pattern is frustratingly consistent: the update appears to install, the machine restarts, progress reaches about 35–36%, Windows rolls back, and the user sees “Something didn’t go as planned. Undoing changes.”
What makes this failure deceptive is that you might have hundreds of gigabytes free on C: drive while a tiny, hidden partition—created years ago and never monitored—blocks the update. The CBS.log entries point to insufficient free space for boot file servicing, often exacerbated by OEM utilities, recovery tooling, or third-party boot files cluttering the ESP.
Microsoft’s documentation offers a registry workaround: adding an EspPaddingPercent value under HKLM\SYSTEM\CurrentControlSet\Services\Bfsvc\Parameters to change how much padding Windows demands when servicing boot files. This is a surgical fix, not a casual tweak; incorrect editing can cause serious system problems. The company has also activated a Known Issue Rollback (KIR) that automatically deploys to consumer and unmanaged business devices—a restart helps it take hold faster. Enterprise-managed machines need the matching Group Policy for Windows 11 24H2 and 25H2, followed by a restart.
The existence of that rollback is good news, but it doesn’t fix the underlying partition hygiene. A cramped ESP will remain a risk for future updates, especially as Secure Boot certificate work accelerates.
Secure Boot’s ticking clock
That brings us to the update’s most consequential but least visible change: Secure Boot certification infrastructure is being refreshed, and time is running short. Microsoft again warns that Secure Boot certificates used by most Windows devices are set to expire starting in June 2026—not a distant cloud anymore, but the next major servicing cliff.
KB5089573 expands “high confidence” targeting data so more systems can automatically receive updated certificates. At the same time, it introduces a new policy and MDM setting, LimitSecureBootRequiredServiceData, which lets organizations block a Secure Boot service event normally sent to Microsoft. This privacy option for restricted networks also reveals a tension: Microsoft needs telemetry-like signals to avoid bricking devices with a bad certificate update, while some enterprises must limit what endpoints send home.
For IT teams, the message is clear: certificate transitions touch firmware, bootloaders, recovery environments, OEM decisions, and update history. Devices with legacy disk layouts, dual-boot histories, or third-party encryption residue are the ones most likely to stumble when the mandatory phase arrives. A phased rollout helps, but only if your fleet’s data actually reaches Microsoft’s confidence models.
How we got here: the cumulative update train
KB5089573 embodies the modern Windows servicing cadence. The late-month optional preview acts as a dress rehearsal for the next Patch Tuesday—a production-quality snapshot of what will soon become mandatory for everyone. Microsoft uses this slot to stage AI-era features, sprinkle in reliability fixes, and prepare plumbing like Secure Boot renewal.
But the interconnected nature of cumulative updates means a single package now touches user-facing features, boot trust, neural hardware, camera policies, and hidden partitions. Ten years ago, these would have been separate hotfixes and feature packs. Today, they ride the same monthly train—and when a small ESP space problem derails the train, it blocks everything, not just the one fix you needed.
Known Issue Rollback (KIR) has become the safety net, allowing Microsoft to disable problematic non-security changes without splintering the cumulative update. That’s a massive improvement over the old model, but it also creates a two-class recovery path: consumers get the mitigation automatically, while enterprises must deliberately deploy a GPO. In hybrid fleets where some devices are Intune-managed, some domain-joined, and some effectively unmanaged, the fix path diverges—and helpdesks get confused.
What to do now: a practical action plan
For home and power users:
- If your PC is stable and you don’t urgently need a new feature from KB5089573, consider waiting for the June security update. The preview is optional for a reason.
- If you’ve already hit the 0x800f0922 rollback, do not endlessly retry the update. Check your EFI System Partition size and free space. You can do this by opening Disk Management (diskmgmt.msc), looking for a small partition labeled “EFI System Partition,” and noting its capacity and used space. To see free space, you may need to use a third-party tool or
diskpartin an elevated command prompt:
1. Open Command Prompt as Administrator.
2. Typediskpartand press Enter.
3. Typelist disk, identify your system disk, thenselect disk X.
4. Typelist partition, find the partition with type “System” and size around 100–500 MB.
5. Select it withselect partition Yand typedetail partitionto see free space. - If free space is critically low (10 MB or less), the registry workaround may help you install the update, but long-term you should investigate what’s consuming space in the ESP (OEM recovery tools, old boot entries, etc.) and consider resizing the partition if you’re technically comfortable.
- The registry change involves navigating to
HKLM\SYSTEM\CurrentControlSet\Services\Bfsvc\Parametersand creating a new DWORD value namedEspPaddingPercentwith a value between1and100. Microsoft warns this reduces padding, so proceed with caution and back up your data first.
For IT administrators:
- Deploy the Known Issue Rollback Group Policy for Windows 11 24H2 and 25H2 to all managed devices that might be affected. The policy is available from Microsoft; its name and GUID are documented in the KB article.
- Inventory your fleet for devices that failed KB5089549 or show 0x800f0922. Check their CBS logs for the telltale “insufficient free space” entries.
- Audit EFI System Partition sizes across your environment. Systems upgraded through multiple Windows generations, OEM-provided machines with extra recovery partitions, or devices that once dual-booted are at highest risk.
- Review whether your Secure Boot certificate readiness is blocked by restrictive policies, network controls, or the new
LimitSecureBootRequiredServiceDatasetting. Make an informed decision about suppressing service data: you may gain privacy at the cost of automatic certificate targeting. - Test the optional preview in a pilot ring to see if the June Patch Tuesday update will collide with your specific combination of hardware, firmware, and group policies.
What to watch next
Microsoft says a permanent fix for the 0x800f0922 ESP space issue is coming in a future Windows update. That may resolve the symptom, but it won’t clean up every device’s hidden partition. Meanwhile, Secure Boot certificate expiration looms—the first expiry in June 2026 will force a flag day for many PCs if they haven’t already updated.
KB5089573 isn’t a crisis release, but it’s an early warning system. The features are the window dressing; the boot path is the foundation. If your system can’t install an update because a partition you didn’t know existed is full, it’s time to look under the hood before the next security update arrives.