MC1072930 – The May 2025 Windows security update is now available

Product:

SharePoint, Windows, Windows Server

Platform:

Online, Windows Desktop, World tenant

Status:

Change type:

Admin impact

Links:

Details:

The May 2025 security update is now available for all supported versions of Windows. We recommend that you install these updates promptly. For more information about the contents of this update, see the release notes, which are easily accessible from the Windows 11 and Windows 10 update history pages. To learn more about the different types of monthly quality updates, see Windows monthly updates explained.

Highlights for the Windows 11, version 24H2 update:
This security update includes improvements that were a part of update KB5055627 (released April 25, 2025).
This update makes quality improvements to the servicing stack, which is the component that installs Windows updates.
This update addresses security issues for your Windows operating system.


Short on time? Watch our Windows 11 release notes video for this month's tips.


For instructions on how to install this update, see the KB for your operating system listed below:
Windows 11, version 24H2: KB5058411
Windows 11, versions 23H2 and 22H2: KB5058405
Windows 11 Enterprise LTSC 2024: Hotpatch KB5058497
Windows 10, versions 22H2 and 21H2: KB5058379
Windows 10 Enterprise LTSC 2019 and Windows Server 2019: KB5058392
Windows 10 LTSB 2016 and Windows Server 2016: KB5058383
Windows 10 LTSB 2015: KB5058387
Windows Server 2025: KB5058411
Windows Server 2025 Datacenter: Azure Edition: Hotpatch KB5058497
Windows Server 2022: KB5058385
Windows Server 2022 Datacenter: Azure Edition: Hotpatch KB5058500
Windows Server 2012 R2: Monthly Rollup: KB5058403
Windows Server 2012: Monthly Rollup: KB5058451
Windows Server 2008 R2 Service Pack 1: Monthly Rollup: KB5058430 / Security Only: KB5058454
Windows Server 2008 SP2: Monthly Rollup: KB5058449 / Security Only: KB5058429

Change Category:
XXXXXXX ... free basic plan only

Scope:
XXXXXXX ... free basic plan only

Release Phase:

Created:
2025-05-14

updated:
2025-05-14

Task Type

XXXXXXX ... free basic plan only

Docu to Check

XXXXXXX ... free basic plan only

MS Preperations

XXXXXXX ... free basic plan only

MS Urgency

XXXXXXX ... free basic plan only

MS workload name

XXXXXXX ... free basic plan only

summary for non-techies**

The May 2025 Windows security update includes improvements to the servicing stack and specific instructions for different Windows versions, such as KB5058411 for Windows 11, version 24H2, and KB5058497 for Windows Server 2025 Datacenter: Azure Edition, to enhance system security and efficiency.

Direct effects for Operations**

System Downtime
Unprepared installation of the update may lead to unexpected system downtime, affecting user access to critical applications.
   - roles: IT Administrator, End User
   - references: https://support.microsoft.com/help/5055627, https://support.microsoft.com/topic/23bc4731-d39a-4478-8b4f-b64737fc2371

Compatibility Issues
The update may introduce compatibility issues with existing applications, leading to disruptions in user workflows.
   - roles: Application Support Specialist, End User
   - references: https://support.microsoft.com/help/5058405, https://support.microsoft.com/help/5058379

Performance Degradation
Without proper testing, the update could degrade system performance, impacting user experience and productivity.
   - roles: System Administrator, End User
   - references: https://support.microsoft.com/help/5058385, https://support.microsoft.com/help/5058392

Security Vulnerabilities
Failure to install the update promptly may leave systems vulnerable to security threats, risking data integrity.
   - roles: Security Officer, IT Administrator
   - references: https://support.microsoft.com/help/5058403, https://support.microsoft.com/help/5058451

User Training Needs
Changes in system functionality may require additional user training, which can disrupt normal operations if not planned.
   - roles: Training Coordinator, End User
   - references: https://support.microsoft.com/topic/57181688-a692-49e5-b6cd-6e3919da12ca, https://www.youtube.com/watch?v=5_2IKAIfHuQ

Configutation Options**

XXXXXXX ... paid membership only

Opportunities**

Automated Update Management
Implementing automated update management tools can streamline the process of deploying security updates across all devices, ensuring that all systems are promptly updated without manual intervention. This reduces the risk of vulnerabilities and improves overall security posture.
   - next-steps: Research and select an appropriate automated update management tool that integrates with existing IT infrastructure. Plan a pilot deployment to test effectiveness before full rollout.
   - roles: IT Administrators, Security Officers, System Administrators
   - references: https://www.microsoft.com/en-us/microsoft-365/windows/update-management, https://www.cio.com/article/351576/how-to-automate-windows-updates.html

Enhanced User Training Programs
Providing enhanced training programs for end-users on the importance of security updates and how to manage them can improve compliance and user engagement. This will lead to a more secure environment as users become proactive in ensuring their systems are up-to-date.
   - next-steps: Develop a training curriculum focused on security updates, including best practices for users. Schedule regular training sessions and create informative materials to distribute to all employees.
   - roles: Training Coordinators, IT Support Staff, HR Managers
   - references: https://www.infosecurity-magazine.com/news/importance-security-awareness-training-12135, https://www.csoonline.com/article/3296724/the-importance-of-security-awareness-training.html

Centralized Reporting Dashboard for Updates
Creating a centralized reporting dashboard that tracks the status of updates across all devices can provide IT teams with better visibility into compliance and vulnerabilities. This can help prioritize update deployments and identify systems that are lagging behind.
   - next-steps: Identify tools that can aggregate update statuses and create a prototype dashboard. Collaborate with stakeholders to define key metrics and reporting needs.
   - roles: IT Managers, System Administrators, Compliance Officers
   - references: https://www.techrepublic.com/article/how-to-build-a-centralized-dashboard-for-it-management/, https://www.zdnet.com/article/5-tips-for-creating-an-it-dashboard-that-works/

Potentional Risks**

XXXXXXX ... paid membership only

IT Security**

XXXXXXX ... paid membership only

explanation for non-techies**

XXXXXXX ... free basic plan only