Microsoft released cumulative update KB5078883 for Windows 11, version 23H2 (2023 Update) as part of Patch Tuesday (March 2026). The cumulative update package KB5078883 (Build 22631.6783) is intended for Windows 11, version 23H2 (Windows 11 2023 Update) based on x64 (amd64) and ARM64 processors for Enterprise and Education editions.
The update includes security fixes as well as quality improvements from update KB5075941, released on February 10, 2026. It contains various security improvements for internal OS functions for March 2026. As part of Patch Tuesday (March 2026), Microsoft fixed 79 security issues, including two publicly disclosed zero-day vulnerabilities.
- Secure Boot. Improvement: Windows quality updates now use additional data to accurately identify devices that can automatically install new Secure Boot certificates. Devices receive new certificates only after the system records a sufficient number of successful update signals, ensuring controlled and phased deployment. New PowerShell capabilities have also been added to manage Secure Boot key updates: the Get-SecureBootUEFI command now supports the -Decoded parameter, allowing Secure Boot keys and certificates to be displayed in a human-readable format; the Get-SecureBootSVN command allows you to check the Secure Boot version number (SVN) for the UEFI firmware and bootloader, as well as determine whether the device complies with the current Secure Boot policy.
- File History. Improved reliability of the File History feature in Control Panel. It now correctly creates backups of files whose names contain Chinese characters and characters from the Private Use Area.
- Graphics. Improved stability on some GPU configurations, helping devices shut down more correctly when powered off. Also improved stability of the graphics subsystem under intensive loads. This enhances the reliability of games and 3D applications.
- Text and Fonts. Updated Windows system fonts — added a new currency symbol for the Saudi riyal. This ensures correct display of the currency in applications and the system interface.
- Windows System Image Manager. Improved reliability when selecting trusted catalog files. A warning dialog box now appears to help ensure that the selected file comes from a trusted source.
If previous updates are already installed on the device, the system will download and install only the new fixes included in the KB5078883 package. Cumulative update 5078883 for PCs is installed automatically through Windows Update for Enterprise and Education editions. To check, go to Settings > Windows Update and click Check for updates.
How the new features work:
Secure Boot: Windows uses update telemetry to phase new certificate deployment. The system accumulates successful update signals; after reaching a security threshold, it permits installation, preventing premature application on faulty devices. Get-SecureBootUEFI -Decoded converts binary keys to readable format (e.g., PEM), while Get-SecureBootSVN compares SVN version numbers between firmware and bootloader to determine policy compliance.
File History: The file path parser during backup creation is fixed. Previously, hieroglyphs and Private Use Area characters (U+E000..U+F8FF) triggered encoding errors in Volume Shadow Copy API calls. Now the backup service correctly handles UTF-16 multibyte sequences and PUA symbols, preserving original names without loss.
Graphics: Improved driver behavior in the graphics subsystem (dxgkrnl.sys) and power transition stack. Fixed race conditions during shutdown where the GPU couldn't process D3D commands in time. Reduced lock contention under load by decreasing KeWaitForSingleObject calls in critical sections, boosting stability for games and 3D apps.
Text and Fonts: Added Saudi riyal glyph to system fonts (e.g., Segoe UI Emoji, Segoe UI Symbol). Updated kerning tables. Apps calling DrawText or DirectWrite now render the currency correctly. Unicode point U+FDFC is now properly linked to the system font.
Windows System Image Manager: Selecting a trusted catalog (.cat) now triggers a SetupDlg warning. Digital signature verification is performed. This dialog reduces the risk of malicious catalog injection during WIM image builds. The utility compares the catalog hash against the system store.
Official announcement on the Microsoft website.
The last 10 Windows updates:
| Update | Build | Version | Windows | Channel | Date |
|---|---|---|---|---|---|
| KB5083778 | 28020.1873 | 26H1 | Windows 11 | Experimental | 2026-04-24 |
| KB5083780 | 26300.8289 | 25H2 | Windows 11 | Experimental | 2026-04-24 |
| KB5083781 | 26220.8283 | 25H2 | Windows 11 | Beta | 2026-04-24 |
| KB5083631 | 26200.8313 | 25H2/24H2 | Windows 11 | Preview | 2026-04-17 |
| KB5083725 | 28020.1863 | 26H1 | Windows 11 | Canary | 2026-04-17 |
| KB5083726 | 26300.8276 | 25H2 | Windows 11 | Dev | 2026-04-17 |
| KB5083728 | 26220.8271 | 25H2 | Windows 11 | Beta | 2026-04-17 |
| KB5082052 | 22631.6936 | 23H2 | Windows 11 | Stable | 2026-04-14 |
| KB5083768 | 28000.1836 | 26H1 | Windows 11 | Stable | 2026-04-14 |
| KB5082200 | 19045.7184 | 22H2 (ESU) | Windows 10 | Stable | 2026-04-14 |