Microsoft has released the first Windows 10 update of 2026 in the form of the KB5073724 update. The update is available for Windows 10 21H2 and 22H2 users signed up to the ESU (Extended Security Update) program.
With Windows 10 no longer receiving mainstream support, this update is nothing more than a security update – although it is no less important because of that. The list of fixes is not huge, but Windows 10 hangers on should install it nonetheless.
Unusually for an update, Microsoft does not say that there are any known issues with the KB5073724 update. This, of course, could change, but for now it is believed to be problem-free.
The changelog for this update is as follows:
- [Drivers] This update removes the following modem drivers: agrsm64.sys (x64), agrsm.sys (x86), smserl64.sys (x64) and smserial.sys (x86). Modem hardware dependent on these specific drivers will no longer work in Windows.
- [Secure Boot] Starting with this update, Windows quality updates include a subset of high confidence device targeting data that identifies devices eligible to automatically receive new Secure Boot certificates. Devices will receive the new certificates only after demonstrating sufficient successful update signals, ensuring a safe and phased deployment.
- [WinSqlite3.dll] Fixed: The Windows core component, WinSqlite3.dll, has been updated. Previously, some security software might have detected this component as vulnerable.
Microsoft adds the following note for the sake of clarity:
Note: WinSqlite3.dll is a separate component from sqlite3.dll, which is found in application-specific directories and is not a Windows component. If security applications continue to detect sqlite3.dll as vulnerable, contact the developer of the app using sqlite3.dll for an update. If sqlite3.dll is being used by a Microsoft app, install the latest version of the app from the Microsoft Store.
It is also worth noting that Microsoft is using this update to warn about Windows Secure Boot certificate expiration. The company issues the following advice:
Important: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. This might affect the ability of certain personal and business devices to boot securely if not updated in time. To avoid disruption, we recommend reviewing the guidance and taking action to update certificates in advance. For details and preparation steps, see Windows Secure Boot certificate expiration and CA updates.
You can install the KB5073724 update by heading to Windows Update in Settings, or you can download it directly from the Microsoft Update Catalog.
Image credit: Monticelllo / Dreamstime.com
