Microsoft has released an out-of-band update for Windows 11, designated as KB5064489 (OS Build 26100.4656), on July 13, 2025. This update primarily focuses on enhancing quality, implementing security patches, and addressing a specific issue related to Azure Virtual Machines (VMs) with Trusted Launch disabled. Notably, the update resolves a problem that was preventing the startup of VMs when virtualization-based security (VBS) was enabled, specifically affecting those utilizing version 8.0, which is a non-default version. The issue was linked to secure kernel initialization.
Additionally, this cumulative update incorporates improvements and security fixes from the previous July 8, 2025, security update (KB5062553). A related servicing stack update, KB5063666 (OS Build 26100.4651), has also been released, which enhances the servicing stack— the component responsible for installing Windows updates. This ensures that users have a reliable servicing stack for smooth updates.
To summarize, the out-of-band update KB5064489 addresses critical issues for Azure VMs while improving overall system security and performance. Users are encouraged to install these updates to maintain optimal functionality and security of their devices.
Looking ahead, Microsoft is likely to continue releasing updates to address emerging issues and enhance the user experience with Windows 11, emphasizing the importance of keeping systems up to date for security and performance
Additionally, this cumulative update incorporates improvements and security fixes from the previous July 8, 2025, security update (KB5062553). A related servicing stack update, KB5063666 (OS Build 26100.4651), has also been released, which enhances the servicing stack— the component responsible for installing Windows updates. This ensures that users have a reliable servicing stack for smooth updates.
To summarize, the out-of-band update KB5064489 addresses critical issues for Azure VMs while improving overall system security and performance. Users are encouraged to install these updates to maintain optimal functionality and security of their devices.
Looking ahead, Microsoft is likely to continue releasing updates to address emerging issues and enhance the user experience with Windows 11, emphasizing the importance of keeping systems up to date for security and performance
Windows 11 KB5064489 (OS Build 26100.4656) Out-of-band released
Microsoft has released KB5064489, an out-of-band update for Windows 11 24H2, encompassing quality enhancements, security patches, and a resolution for Azure Virtual Machines with Trusted Launch disabled. The update resolves an issue that was hindering the startup of VMs with virtualization-based security enabled.
Windows 11 KB5064489 (OS Build 26100.4656) Out-of-band released @ NT Compatible
