Windows 11 Patch Tuesday: What the KB5079473 Update Really Means
In March 2026, Microsoft rolled out KB5079473 for Windows 11 versions 24H2 and 25H2. The update is positioned as a security-focused release, but it also brings tangible quality-of-life tweaks that affect everyday computing. My take: this is less a dramatic reboot and more a steady calibration of the system’s guardrails and usability, reflecting a broader industry move toward safer, more predictable user environments.
What’s in the update, in plain terms
- Secure Boot enhancements: The update expands the pool of devices eligible for new Secure Boot certificates by tying eligibility to improving update signals and ensuring a phased, controlled rollout. In practice, this means tighter post-update integrity checks and fewer headaches for devices that consistently receive and apply updates. What this signals is that Microsoft is leaning into stronger boot-time trust as a default, not a luxury.
- File Explorer improvements: Search reliability across multiple drives and “This PC” gets a tune-up. This is a veritable day-to-day improvement for anyone who still navigates a maze of drives or uses File Explorer as a primary workflow hub. What makes this interesting is that even small reliability tweaks can significantly reduce friction for a large user base, reinforcing the idea that usability and security are not mutually exclusive in modern OS design.
- Windows Defender Application Control (WDAC) improvements: The patch fixes a mismatch where COM objects could be blocked when the endpoint security policy was stricter than the allowlisting policy. Now, COM objects are allowed as expected. This matters for enterprises and power users who rely on legacy components in controlled environments. From my perspective, the change avoids unnecessary friction without sacrificing security, illustrating a nuanced balance between policy enforcement and operational practicality.
- Windows System Image Manager (WSIM) improvements: A reliability boost for selecting trusted catalog files, plus a warning dialog to verify file provenance. This is a small but meaningful enhancement for IT teams and advanced users who craft or customize Windows images. It reduces the risk of inadvertent exposure to untrusted sources, aligning with a broader trend toward safer system customization workflows.
What the February 2026 non-security update adds (and why it matters now)
Microsoft notes that KB5079473 includes all features and improvements from the February 2026 non-security update. That release introduced several notable niceties and tools, including:
- A built-in, albeit informal, network speed test for Windows 11.
