Microsoft closed out 2025 with a cumulative update for Windows 11 that squashes a widely reported visual bug in File Explorer and repairs a Hyper-V networking flaw that could knock virtual machines offline. Released on December 9, KB5072033 lands as the year’s final Patch Tuesday rollup, bundling the month’s security fixes with a collection of quality-of-life improvements—including a way to banish the contentious drag tray when sharing files.

What’s in KB5072033?

This update applies to both Windows 11 24H2 (OS Build 26100.7462) and 25H2 (OS Build 26200.7462). It absorbs the optional non-security preview from earlier in December (KB5070311), meaning anyone who installed that preview will now get these fixes channeled through the standard monthly servicing stack. Microsoft is rolling the new features out gradually, so not every device will see everything right away, but the most notable changes are:

File Explorer dark mode gets more consistent—and a flash fix

For months, Microsoft has been pushing dark mode into every corner of File Explorer. With KB5072033, more dialogs—copy/move progress windows, delete confirmations, and other pop-ups—now honor the system’s dark theme, creating a visually unified experience. But the real headline is a bug fix: the optional December preview introduced a jarring white flash whenever users opened or navigated File Explorer in dark mode. This update explicitly addresses that regression. If you’ve been wincing at the flashbang effect, installing KB5072033 should put an end to it.

Drag tray gets an off switch

The “share drag tray” that appears at the top of the screen when you drag files has drawn plenty of criticism for cluttering the interface. Now, a toggle in Settings lets you disable it entirely. Look under Nearby Sharing or File Explorer sharing options—availability depends on your device and feature rollout state—and you can stop the tray from hijacking your drag operations.

Hyper-V external switch binding repair

A significant fix for administrators: systems using external virtual switches could lose their physical NIC bindings after a host reboot, silently switching to internal mode and cutting off VM network access. KB5072033 ensures bindings persist across reboots, restoring normal operations for Hyper-V hosts. This one deserves a spot at the top of any pilot test plan.

PowerShell 5.1 adds a security prompt

Invoke-WebRequest now throws a confirmation warning before executing web content, linked to CVE-2025-54100. The prompt explicitly flags script-execution risk, giving users a chance to continue or cancel. It’s a welcome hardening step, but it will break unattended scripts that rely on silent downloads. Microsoft’s advisory (KB5074596) details the change.

Copilot, Start menu, and other polish

  • Copilot Click-to-Do now stays in front: The window no longer hides behind other apps when you share data.
  • Windows Search pane sizing: It now matches the Start menu, reducing awkward mismatches.
  • Spotlight wallpaper skip: Right-click the desktop to jump to the next background image without diving into Settings.
  • Haptic feedback for snapping and dragging: Available on hardware with compatible peripherals (touchpads, mice, pens)—another gradual rollout.
  • Settings migration: More legacy Control Panel text-input and keyboard options move into the modern Settings app, alongside a new device info card in About.

Known issue: invisible password icon

Microsoft flags a cosmetic glitch where the password option on the login screen may appear invisible. The area is still clickable, so you can sign in by tapping the blank space where the icon normally sits. This is documented and not security-related.

What This Means for You

For home users

If you let Windows Update run automatically, KB5072033 will arrive as a standard Patch Tuesday install. It’s worth applying promptly for the security patches alone, but you’ll also enjoy the dark-mode fix if you installed the December preview and saw the white flash. The password-icon quirk is harmless but may confuse; just know the invisible button works. For power users who tweak themes, the improved dark mode consistency is a tangible win, and the ability to kill the drag tray is a quick quality-of-life boost.

For IT professionals and admins

This update demands more deliberate handling. The Hyper-V fix is critical for any environment running external virtual switches—test it first on a representative host and confirm VM networking survives a reboot. The PowerShell 5.1 change will trip up automation that fetches web content; audit your scripts, especially those using Invoke-WebRequest in unattended mode, and consider moving to PowerShell 7 where the prompt is not present. Staged rollout via pilot rings is advisable, watching for help-desk tickets around File Explorer flashing, sign-in anomalies, or Hyper-V connectivity.

How We Got Here: The Preview’s White Flash

2025 cemented Microsoft’s practice of shipping non-security “preview” updates a few weeks before Patch Tuesday. Those previews let enthusiasts and admins test incoming changes early, but they also create a window where regressions can surface and spread. The December preview (KB5070311) introduced the File Explorer white flash—a bug that was immediately noticeable, widely discussed on forums and social media, and acknowledged by Microsoft. KB5072033 is the fix that catches up to that earlier release, pulling the preview’s features and the corrective patches into one mandatory cumulative update. This model speeds up feature delivery, but visible UI bugs like this one erode confidence and generate noise. Microsoft’s challenge is to tighten testing around the most visible parts of the shell so that next year’s previews don’t ship similar regressions.

Steps to Take Now

If you have the December preview (KB5070311) and see the white flash:

  • Install KB5072033 via Windows Update. The flash should disappear.
  • As a temporary workaround, switch to Light mode (Settings > Personalization > Colors) until the update is applied.
  • If you can’t install the update yet, you can uninstall the preview: go to Settings > Windows Update > Update history > Uninstall updates, find KB5070311, and remove it. Reboot afterward. Advanced users can use DISM from an elevated prompt: run DISM /online /get-packages to identify the package, then DISM /online /Remove-Package /PackageName:<name>.

For all users:

  • Open Windows Update, check for updates, and install KB5072033. It includes January’s security patches.
  • After installation, verify that File Explorer behaves normally in dark mode.
  • If you rely on PowerShell 5.1 scripts, test them: Invoke-WebRequest will now prompt. For silent automation, either refactor to suppress the prompt (e.g., use -UseBasicParsing and handle streams directly) or migrate to PowerShell 7.

For IT administrators:

  • Deploy to a pilot group within 24–48 hours, prioritizing Hyper-V hosts and management servers.
  • Confirm external virtual switch bindings survive a reboot on each host.
  • Audit and update any deployment tools or scripts that use Invoke-WebRequest. Update runbooks and notify operations teams.
  • Watch for regressions in custom UI integrations or third-party shell extensions that interact with File Explorer.
  • Stage broad deployment after 7–10 days of pilot telemetry and ticket review.

Looking Ahead

Microsoft’s monthly feature-drop tempo shows no sign of slowing. Expect more gradual dark mode refinements, continued Settings migration, and tighter OS security hardening in 2026. The lesson from KB5072033 is clear: even minor polish can introduce visible regressions, and the preview-then-fix cadence demands that both consumers and enterprises stay alert to each month’s optional releases. For now, installing this update is a straightforward way to clean up the last of 2025’s quirks while locking in critical security protections.