Windows 11: May 2026 Patch Tuesday is live

Microsoft has released its May 2026 Patch Tuesday update for Windows 11. The cumulative update KB5089549 is now rolling out to all Windows 11 versions 24H2 and 25H2, pushing systems to OS Builds 26100.8328 and 26200.8328. The update was released as an optional preview on April 30 and is now mandatory for all users. Microsoft typically begins deploying Patch Tuesday updates at around 1:00 PM ET.

The security side of May's update arrives at a critical moment. Today, May 12, is the CISA deadline for federal agencies to apply the fix for CVE-2026-32202, the Windows Shell zero-day that Notebookcheck covered last month and that was confirmed as actively exploited. The April cumulative update KB5083769 carries that patch. Users who have not yet installed April's update will receive it as part of today's rollout. A full breakdown of new CVEs addressed in May's security bulletin is expected from Microsoft's Security Response Center and BleepingComputer after the update begins rolling out.

What is new in the May update

Xbox mode is the standout feature of the May update, rolling out to all Windows 11 24H2 and 25H2 users today. It brings a full-screen, controller-first gaming dashboard to laptops, desktops, tablets, and handheld PCs, accessible via Settings, then Gaming, then Xbox mode, or through the Windows + F11 shortcut. The feature was previously available only to users who had manually installed the April 30 optional preview.

File Explorer receives a reliability overhaul addressing instability during login and taskbar interactions. View and sort preferences now persist after closing and reopening folders in Downloads and Documents. A new "Preview anyway" button appears for downloaded files. Built-in archive support expands to UU, CPIO, XAR, and NuGet package formats, removing the need for third-party extraction tools for common file types. File Explorer also launches measurably faster than before the update.

Haptic feedback arrives for compatible stylus and pen devices, including the Surface Slim Pen 2, ASUS Pen 3.0, and MSI Pen 2. Basic actions such as snapping app windows, resizing, and aligning objects now trigger tactile feedback. The setting lives under Settings, then Bluetooth and devices. A new AI agent monitoring area on the Taskbar starts rolling out with this update, initially tied to the Microsoft 365 Copilot Researcher agent. The agent displays live progress on the Taskbar while generating reports, with a notification on completion. FAT32 drive formatting now supports volumes up to 2TB, removing the longstanding 32GB limitation. The Drag Tray is renamed to Drop Tray, with its settings moved to Settings, then System, then Multitasking.

Secure Boot - 45 days to the deadline

May's update is the last comfortable deployment window before the Secure Boot certificate expiration. The original Secure Boot certificates issued in 2011 and used by most Windows devices built between 2012 and 2025 expire on June 26, 2026. Every Windows device that has not received updated Secure Boot certificates before that date enters a degraded security state the following day. Microsoft has been phasing the certificate rollout since February 2026, and the May update advances that rollout further. IT administrators who have not confirmed their device fleet has received the updated certificates should prioritise this now rather than waiting for the June Patch Tuesday.

One known issue applies: Windows Server 2025 devices running an unrecommended BitLocker Group Policy configuration may boot into BitLocker recovery after installing KB5089549, requiring the recovery key to be entered on first restart. Enterprise administrators should verify BitLocker policy configuration before pushing this update to production servers. Microsoft reports no other known issues with the May update.