Full Report
Microsoft says customers in restricted network environments may encounter Windows Update failures after installing the January 2026 optional non-security preview updates. [...]
Analysis Summary
# Vulnerability: Windows Update Failure in Restricted Network Environments (Error 0x80010002)
## CVE Details
- **CVE ID**: N/A (Functional Bug/Non-security issue)
- **CVSS Score**: N/A
- **CWE**: CWE-404: Improper Resource Shutdown or Release (Functional timeout issue)
## Affected Systems
- **Products**: Windows 11, Windows Server 2025
- **Versions**:
- Windows 11 26H1
- Windows 11 25H2
- Windows 11 24H2
- Windows Server 2025
- **Configurations**: Restricted network environments (air-gapped systems, strictly firewalled networks, or isolated segments) using Windows Update via the Settings page.
## Vulnerability Description
A functional flaw introduced in the **January 2026 optional non-security preview updates** causes failure in the Windows Update download process. The issue stems from recent modifications to **download timeout requirements** when initiating download operations. In restricted environments, these stricter requirements prevent the system from successfully communicating with update servers, leading to a persistent **0x80010002 error**. This specifically affects the ability to download updates released from March 2026 onward via the Settings menu.
## Exploitation
- **Status**: Not exploited (Functional bug)
- **Complexity**: N/A
- **Attack Vector**: N/A
## Impact
- **Confidentiality**: None
- **Integrity**: Low (System remains stable, but lacks recent integrity checks/patches)
- **Availability**: **High** (Prevents the delivery of future security patches, potentially leaving systems vulnerable to future unmitigated exploits)
## Remediation
### Patches
Microsoft has not yet released a permanent cumulative update fix. Resolution is currently managed via **Known Issue Rollback (KIR)**.
### Workarounds
IT administrators must install and configure specific Group Policy templates (KIR) to restore download functionality:
- **Windows 11 26H1**: Install [KB5083806 Known Issue Rollback]
- **Windows 11 24H2, 25H2, and Windows Server 2025**: Install [KB5083631 Known Issue Rollback]
- **Note**: A system restart is required after applying the Group Policy.
## Detection
- **Indicators**: Windows Update Settings page displays **Error Code 0x80010002**.
- **Symptoms**: Updates download successfully for February 2026, but subsequent months (March, April, etc.) fail to initiate downloads in restricted network environments.
## References
- **Microsoft Service Alert**: hxxps[://]admin[.]cloud[.]microsoft/Adminportal/Home?source=applauncher#/windowsreleasehealth/:/issue/WI1311742
- **KIR Deployment Guide**: hxxps[://]docs[.]microsoft[.]com/en-us/troubleshoot/windows-client/group-policy/use-group-policy-to-deploy-known-issue-rollback
- **KIR Download (26H1)**: hxxps[://]download[.]microsoft[.]com/download/2b881d89-8630-4d6f-a316-b100094b07aa/Windows%2011%2026H1%20KB5083806%20260513_22071%20Known%20Issue%20Rollback[.]msi
- **KIR Download (24H2/25H2/Server 2025)**: hxxps[://]download[.]microsoft[.]com/download/4c6b9e6e-5760-435f-b5ef-0ceaafc14520/Windows%2011%2024H2%2c%20Windows%2011%2025H2%20and%20Windows%20Server%202025%20KB5083631%20260513_22072%20Known%20Issue%20Rollback[.]msi