Microsoft Windows Server 2025 Update Version OS Build 26100.32995

Views
16

Your rating
Rate update installation process

Log in to rate this update.
Login

Risk factor
No ratings yet. Be the first to rate this update.

Smooth installs 0%
Minor issues 0%
Major issues 0%

Update Summary

KB5094125 updates Windows Server 2025 to OS Build 26100.32995 with security fixes, quality improvements, and non-security updates from KB5087539. It also adds DNS over HTTPS for DNS Server and includes Secure Boot and Windows Update reliability fixes. Reference IDs: KB5082063, KB5070881, CVE-2025-59287.

Update Details

Security

  • Includes the latest security fixes for Windows Server 2025.
  • Secure Boot rollout improvements add higher-confidence device targeting data for delivery of new Secure Boot certificates.
  • Adds the LimitSecureBootRequiredServiceData Group Policy and MDM setting to reduce Secure Boot service data sent to Microsoft.
  • WSUS synchronization error details are temporarily removed to address CVE-2025-59287.

Bug Fixes

  • Fixes a BitLocker Recovery issue that could occur after boot file updates on systems with certain TPM validation settings, including invalid PCR7 configurations.
  • Improves File Explorer search support for Chinese text and UTF-8 encoded files without a BOM, with clearer text in search results, Content view, and tooltips.
  • Improves reliability during user profile load by managing system resources more efficiently.
  • Fixes a Windows Update Standalone Installer issue where WUSA could fail with ERROR_BAD_PATHNAME when opening .msu files or running from a network share with multiple .msu files.

New Features

  • Windows Server 2025 DNS Server now supports DNS over HTTPS (DoH) for encrypted server-client DNS communication.

Known Issues

  • WSUS does not display synchronization error details after installing KB5070881 or later updates.

Hints

  • The Secure Boot certificate update is delivered gradually through Windows Update after devices show sufficient successful update signals.
  • The LimitSecureBootRequiredServiceData policy is included in the Windows Restricted Traffic Limited Functionality Baseline.
  • DNS over HTTPS support applies only to server-client communication and does not support encrypted DNS between servers.
  • WSUS error details were removed temporarily while addressing CVE-2025-59287.

Links

Product Information

Vendor: Microsoft

Product: Windows Server 2025

Version: OS Build 26100.32995

Release date: Jun 9, 2026

View All Updates