Microsoft released KB5089573 on May 26, 2026 as an optional preview cumulative update for Windows 11 versions 25H2 and 24H2, moving systems to OS builds 26200.8524 and 26100.8524 while fixing an installation failure tied to error 0x800f0922. The fix matters because the bug hit at the least forgiving point in the Windows servicing process: after the machine had already committed to rebooting and applying the update. For users, it looked like another inscrutable Windows Update failure. For administrators, it was a reminder that a few megabytes in the wrong partition can still derail a modern patching estate.
The headline is not that Microsoft shipped another optional preview update. The headline is that KB5089573 turns a messy May Patch Tuesday incident into a case study in how fragile Windows servicing can be when security updates, firmware-era partitioning decisions, and phased feature delivery all collide.
The 0x800f0922 failure addressed by KB5089573 was not a generic “try again later” problem. Microsoft’s documentation ties it to devices with limited free space on the EFI System Partition, especially systems with 10 MB or less available. Those machines could fail to complete installation after the May 2026 security update, KB5089549, leaving users staring at a stalled or failed update cycle rather than a cleanly patched Windows installation.
That detail matters because the EFI System Partition is not a place most users ever inspect. It is small, hidden from normal drive browsing, and treated as plumbing until something breaks. When Windows Update needs more room there than the machine can provide, the failure looks like a Windows problem even though the root cause may have been baked into the disk layout years earlier.
The reported failure point, around the mid-30 percent mark during reboot, made the issue feel worse. Users are conditioned to expect Windows updates to pause, restart, and crawl through percentages at their own pace. When the process repeatedly fails in the same zone, confidence in the update mechanism erodes quickly.
Microsoft’s first response was mitigation, not repair. Consumer devices received relief through Known Issue Rollback, while enterprise administrators were pointed toward a registry-based workaround involving the EspPaddingPercent value. KB5089573 is the permanent fix, which is why it deserves more attention than the average late-month preview patch.
That distinction is not academic for IT departments. If a May security patch failed because of the EFI partition issue, waiting for the next automatic security update may prolong exposure or keep devices stuck in a broken servicing state. Installing KB5089573 manually, or approving it through enterprise channels, becomes a practical recovery step rather than a curiosity for update watchers.
Microsoft says the same changes will appear in the next security update through Windows Update for Business. That is the safer route for conservative shops that can tolerate the delay. But for fleets already experiencing 0x800f0922 failures, the optional preview is the fix in hand.
This is one of the oddities of Windows servicing in 2026: an update can be “optional” while still being the most direct answer to a failed security deployment. The label describes the release channel, not the urgency felt by the administrator whose compliance dashboard is turning red.
Among the visible additions is Shared Audio, which allows two supported Bluetooth LE Audio devices to listen to the same PC audio stream. That is a consumer-friendly feature, but its presence inside the same package as a serious update reliability fix illustrates the modern Windows bargain. You do not get the plumbing without also accepting some degree of product evolution.
Task Manager also gains more visibility into NPU activity on systems that include neural processing hardware. That is a small but telling addition. As Microsoft pushes Copilot+ PCs and local AI workloads, administrators and power users need better ways to see what is actually consuming AI-related compute resources.
The update also refreshes AI components including Image Search, Content Extraction, Semantic Analysis, and the Settings Model, all listed at version 1.2605.856.0. Microsoft notes that these components apply to Copilot+ PCs and do not install on every Windows PC or Windows Server system. Even so, their presence inside cumulative updates shows how AI features are becoming part of the base servicing rhythm rather than a separate app-layer concern.
Performance fixes in Windows updates deserve cautious reading. They may be noticeable on some systems and invisible on others. A shell responsiveness improvement can depend on device class, installed software, indexing state, background services, and hardware drivers.
Still, Microsoft’s choice to call out app launch and shell components is revealing. The company knows that Windows 11’s reputation is not shaped only by benchmark results or security architecture. It is shaped by whether Start opens instantly, Search returns useful results quickly, and the desktop feels ready when the user is.
KB5089573 also includes reliability work across File Explorer, the sign-in and lock screens, touch gestures, theme changes, and desktop shortcut loading. These sound like small paper cuts because they are. But Windows’ daily experience is the sum of those paper cuts, and cumulative updates increasingly function as the operating system’s monthly sanding block.
This is one of Microsoft’s better servicing decisions of the past several years. The old world, where servicing stack updates and cumulative updates could arrive as separate moving parts, created unnecessary failure modes. If the update client needed an update before it could reliably install updates, deployment sequencing became another chore for administrators.
But bundling the SSU also changes rollback expectations. Microsoft warns that the combined SSU and LCU package cannot be removed using wusa.exe with the uninstall switch. Removing the update requires DISM with the LCU package name, and the SSU component itself cannot be removed after installation.
That is a reasonable engineering tradeoff, but it is not frictionless. Administrators who still treat uninstall as a simple escape hatch need to know that modern Windows cumulative packages are more layered than they appear. The operating system’s update pipeline is being hardened, but that hardening comes with fewer reversible seams.
The available deployment routes are familiar: Windows Update for Business, the Microsoft Update Catalog, and manual import into Windows Server Update Services. But the channel does not solve the governance question. Should an organization accelerate a preview update to fix a known installation blocker, or wait for the next security release and accept the interim risk?
There is no universal answer. A heavily managed enterprise with accurate reporting can identify machines that failed KB5089549 and target KB5089573 narrowly. A smaller organization with looser inventory may choose broader approval because failed patching is harder to isolate. A security-conscious shop may care less about the preview label than about restoring normal update flow before the next Patch Tuesday.
The registry workaround and Known Issue Rollback bought Microsoft and customers time. KB5089573 ends that temporary phase. For IT, that means the task moves from workaround tracking to update adoption and verification.
Many Windows 11 systems inherit partition layouts from older Windows installations, OEM imaging practices, or years of in-place upgrades. Some machines may have firmware files, bootloaders, recovery artifacts, or vendor tools that consume more ESP space than expected. A fleet can therefore contain devices that look healthy in endpoint management tools but are quietly close to a servicing cliff.
Microsoft’s fix may reduce or eliminate this particular failure mode, but it does not make partition hygiene irrelevant. Administrators who have seen 0x800f0922 should treat it as a signal to inspect disk layouts, especially on older upgraded machines and devices with complex boot histories.
This is the unglamorous side of Windows lifecycle management. The feature story may be AI components and Bluetooth audio sharing, but the operational story is that firmware-era storage assumptions still affect whether a cloud-managed Windows 11 device can install a 2026 security update.
From the user perspective, it can be maddening. Two machines on the same Windows version and build may not expose identical features on the same day. A user may read that Shared Audio or a personalization improvement has arrived, then find no obvious way to use it.
For administrators, gradual rollout complicates documentation and support. Help desks need to know whether a missing feature is a bug, a policy restriction, unsupported hardware, or simply a staged rollout that has not reached the device yet. That ambiguity is now part of the Windows experience.
The benefit is that Microsoft can move faster without detonating every PC at once. The cost is that Windows becomes less deterministic. KB5089573 is a good example: it is one cumulative update, but its impact depends on device eligibility, hardware support, rollout phase, management policy, and whether the machine was affected by the earlier installation bug.
That has practical consequences. Enterprises evaluating Copilot+ PCs will need to track not just firmware, drivers, and Windows builds, but also the AI components that support local experiences. Developers building for Windows AI features will increasingly care about platform versioning below the application layer.
For privacy- and security-minded users, the update also includes a Secure Boot-related policy to limit certain service data sent to Microsoft. That is a reminder that telemetry, trust chains, and platform security are being negotiated inside Windows policy as much as inside marketing pages.
None of this means every Windows 11 PC suddenly becomes an AI workstation. Microsoft explicitly limits these AI component installs to applicable Copilot+ PCs. But the servicing pattern is clear: the Windows platform is absorbing AI as infrastructure, and cumulative updates are the delivery vehicle.
In this case, the chain included a security update, a hidden system partition, a reboot-phase installation process, a Known Issue Rollback, an enterprise registry workaround, a cumulative preview update, and a bundled servicing stack update. That is a lot of machinery for a user who only sees “Something didn’t go as planned.”
Microsoft deserves credit for documenting the failure conditions and tying the fix to a specific release. It also deserves scrutiny for the complexity of the ecosystem it has built. Windows is expected to run everywhere, upgrade for years, preserve compatibility, add AI-era features, and patch quickly against active threats. Complexity is not an excuse, but it is the terrain.
KB5089573 is therefore both repair and reminder. It repairs a specific servicing failure. It reminds everyone else that Windows reliability depends on details most users never see until they break.
The headline is not that Microsoft shipped another optional preview update. The headline is that KB5089573 turns a messy May Patch Tuesday incident into a case study in how fragile Windows servicing can be when security updates, firmware-era partitioning decisions, and phased feature delivery all collide.
A Tiny EFI Partition Became a Big Windows Update Problem
The 0x800f0922 failure addressed by KB5089573 was not a generic “try again later” problem. Microsoft’s documentation ties it to devices with limited free space on the EFI System Partition, especially systems with 10 MB or less available. Those machines could fail to complete installation after the May 2026 security update, KB5089549, leaving users staring at a stalled or failed update cycle rather than a cleanly patched Windows installation.That detail matters because the EFI System Partition is not a place most users ever inspect. It is small, hidden from normal drive browsing, and treated as plumbing until something breaks. When Windows Update needs more room there than the machine can provide, the failure looks like a Windows problem even though the root cause may have been baked into the disk layout years earlier.
The reported failure point, around the mid-30 percent mark during reboot, made the issue feel worse. Users are conditioned to expect Windows updates to pause, restart, and crawl through percentages at their own pace. When the process repeatedly fails in the same zone, confidence in the update mechanism erodes quickly.
Microsoft’s first response was mitigation, not repair. Consumer devices received relief through Known Issue Rollback, while enterprise administrators were pointed toward a registry-based workaround involving the EspPaddingPercent value. KB5089573 is the permanent fix, which is why it deserves more attention than the average late-month preview patch.
The Optional Preview Is Doing Mandatory Cleanup
Microsoft labels KB5089573 as a preview update, which can make it sound experimental or optional in the casual sense. In practice, these late-month releases often serve as staging grounds for fixes that will roll into the next security update. That creates a familiar tension: the update is not a Patch Tuesday security release, but the bug it fixes may block the successful installation of security updates.That distinction is not academic for IT departments. If a May security patch failed because of the EFI partition issue, waiting for the next automatic security update may prolong exposure or keep devices stuck in a broken servicing state. Installing KB5089573 manually, or approving it through enterprise channels, becomes a practical recovery step rather than a curiosity for update watchers.
Microsoft says the same changes will appear in the next security update through Windows Update for Business. That is the safer route for conservative shops that can tolerate the delay. But for fleets already experiencing 0x800f0922 failures, the optional preview is the fix in hand.
This is one of the oddities of Windows servicing in 2026: an update can be “optional” while still being the most direct answer to a failed security deployment. The label describes the release channel, not the urgency felt by the administrator whose compliance dashboard is turning red.
KB5089573 Is More Than a One-Bug Rescue Patch
The installation fix will attract the most attention, but KB5089573 is not a narrow hotfix. It is a cumulative update with a wide set of production-quality improvements across Windows 11 versions 24H2 and 25H2. Microsoft’s servicing model rarely ships a single-purpose cumulative package anymore; fixes arrive bundled with platform changes, feature toggles, and infrastructure updates.Among the visible additions is Shared Audio, which allows two supported Bluetooth LE Audio devices to listen to the same PC audio stream. That is a consumer-friendly feature, but its presence inside the same package as a serious update reliability fix illustrates the modern Windows bargain. You do not get the plumbing without also accepting some degree of product evolution.
Task Manager also gains more visibility into NPU activity on systems that include neural processing hardware. That is a small but telling addition. As Microsoft pushes Copilot+ PCs and local AI workloads, administrators and power users need better ways to see what is actually consuming AI-related compute resources.
The update also refreshes AI components including Image Search, Content Extraction, Semantic Analysis, and the Settings Model, all listed at version 1.2605.856.0. Microsoft notes that these components apply to Copilot+ PCs and do not install on every Windows PC or Windows Server system. Even so, their presence inside cumulative updates shows how AI features are becoming part of the base servicing rhythm rather than a separate app-layer concern.
Microsoft Is Still Trying to Make Windows Feel Faster
One of the more interesting claims in KB5089573 is general performance improvement. Microsoft says the update accelerates app launch and core shell experiences including Start, Search, and Action Center. Those are exactly the areas where Windows 11 criticism has lingered since launch: the operating system looks modern, but responsiveness has not always felt as crisp as users expect on capable hardware.Performance fixes in Windows updates deserve cautious reading. They may be noticeable on some systems and invisible on others. A shell responsiveness improvement can depend on device class, installed software, indexing state, background services, and hardware drivers.
Still, Microsoft’s choice to call out app launch and shell components is revealing. The company knows that Windows 11’s reputation is not shaped only by benchmark results or security architecture. It is shaped by whether Start opens instantly, Search returns useful results quickly, and the desktop feels ready when the user is.
KB5089573 also includes reliability work across File Explorer, the sign-in and lock screens, touch gestures, theme changes, and desktop shortcut loading. These sound like small paper cuts because they are. But Windows’ daily experience is the sum of those paper cuts, and cumulative updates increasingly function as the operating system’s monthly sanding block.
The Servicing Stack Update Is the Quiet Center of the Story
Bundled with KB5089573 is servicing stack update KB5092734, version 26100.8519. The servicing stack is the component responsible for installing Windows updates, and Microsoft now routinely combines the latest servicing stack update with the latest cumulative update. That reduces the odds that a machine lacks the update machinery needed to install the update itself.This is one of Microsoft’s better servicing decisions of the past several years. The old world, where servicing stack updates and cumulative updates could arrive as separate moving parts, created unnecessary failure modes. If the update client needed an update before it could reliably install updates, deployment sequencing became another chore for administrators.
But bundling the SSU also changes rollback expectations. Microsoft warns that the combined SSU and LCU package cannot be removed using wusa.exe with the uninstall switch. Removing the update requires DISM with the LCU package name, and the SSU component itself cannot be removed after installation.
That is a reasonable engineering tradeoff, but it is not frictionless. Administrators who still treat uninstall as a simple escape hatch need to know that modern Windows cumulative packages are more layered than they appear. The operating system’s update pipeline is being hardened, but that hardening comes with fewer reversible seams.
Enterprises Get a Fix, But Also Another Change-Control Decision
For managed environments, KB5089573 lands in the awkward space between incident response and routine maintenance. If devices were affected by the May 2026 0x800f0922 failure, the update is operationally important. If they were not, it is still a preview release with a broad payload and the usual need for validation.The available deployment routes are familiar: Windows Update for Business, the Microsoft Update Catalog, and manual import into Windows Server Update Services. But the channel does not solve the governance question. Should an organization accelerate a preview update to fix a known installation blocker, or wait for the next security release and accept the interim risk?
There is no universal answer. A heavily managed enterprise with accurate reporting can identify machines that failed KB5089549 and target KB5089573 narrowly. A smaller organization with looser inventory may choose broader approval because failed patching is harder to isolate. A security-conscious shop may care less about the preview label than about restoring normal update flow before the next Patch Tuesday.
The registry workaround and Known Issue Rollback bought Microsoft and customers time. KB5089573 ends that temporary phase. For IT, that means the task moves from workaround tracking to update adoption and verification.
The EFI System Partition Is Now a Fleet Health Signal
The ESP detail should prompt administrators to look beyond this single KB. If Windows servicing can fail because an EFI partition has 10 MB or less free, then ESP sizing and health are not merely deployment trivia. They are part of patch readiness.Many Windows 11 systems inherit partition layouts from older Windows installations, OEM imaging practices, or years of in-place upgrades. Some machines may have firmware files, bootloaders, recovery artifacts, or vendor tools that consume more ESP space than expected. A fleet can therefore contain devices that look healthy in endpoint management tools but are quietly close to a servicing cliff.
Microsoft’s fix may reduce or eliminate this particular failure mode, but it does not make partition hygiene irrelevant. Administrators who have seen 0x800f0922 should treat it as a signal to inspect disk layouts, especially on older upgraded machines and devices with complex boot histories.
This is the unglamorous side of Windows lifecycle management. The feature story may be AI components and Bluetooth audio sharing, but the operational story is that firmware-era storage assumptions still affect whether a cloud-managed Windows 11 device can install a 2026 security update.
The Gradual Rollout Model Cuts Both Ways
KB5089573 uses both gradual and normal rollout phases, meaning not every eligible device receives every new feature at the same time. Microsoft uses this model to monitor telemetry, limit blast radius, and hold back changes if something goes wrong. From an engineering perspective, it is sensible.From the user perspective, it can be maddening. Two machines on the same Windows version and build may not expose identical features on the same day. A user may read that Shared Audio or a personalization improvement has arrived, then find no obvious way to use it.
For administrators, gradual rollout complicates documentation and support. Help desks need to know whether a missing feature is a bug, a policy restriction, unsupported hardware, or simply a staged rollout that has not reached the device yet. That ambiguity is now part of the Windows experience.
The benefit is that Microsoft can move faster without detonating every PC at once. The cost is that Windows becomes less deterministic. KB5089573 is a good example: it is one cumulative update, but its impact depends on device eligibility, hardware support, rollout phase, management policy, and whether the machine was affected by the earlier installation bug.
The AI Payload Shows Where Windows Servicing Is Headed
The AI component updates inside KB5089573 are not the main reason most people will install it. But they are strategically important. Microsoft is folding AI infrastructure into the ordinary Windows update stream, which means AI capability is no longer a separate headline feature delivered only through apps or major annual releases.That has practical consequences. Enterprises evaluating Copilot+ PCs will need to track not just firmware, drivers, and Windows builds, but also the AI components that support local experiences. Developers building for Windows AI features will increasingly care about platform versioning below the application layer.
For privacy- and security-minded users, the update also includes a Secure Boot-related policy to limit certain service data sent to Microsoft. That is a reminder that telemetry, trust chains, and platform security are being negotiated inside Windows policy as much as inside marketing pages.
None of this means every Windows 11 PC suddenly becomes an AI workstation. Microsoft explicitly limits these AI component installs to applicable Copilot+ PCs. But the servicing pattern is clear: the Windows platform is absorbing AI as infrastructure, and cumulative updates are the delivery vehicle.
The May Patch Incident Leaves a Useful Paper Trail
The strongest argument for installing KB5089573 is straightforward: it fixes a known installation failure from the May 2026 security update and restores confidence in the update path. The stronger lesson is broader. Windows Update failures are rarely just one thing.In this case, the chain included a security update, a hidden system partition, a reboot-phase installation process, a Known Issue Rollback, an enterprise registry workaround, a cumulative preview update, and a bundled servicing stack update. That is a lot of machinery for a user who only sees “Something didn’t go as planned.”
Microsoft deserves credit for documenting the failure conditions and tying the fix to a specific release. It also deserves scrutiny for the complexity of the ecosystem it has built. Windows is expected to run everywhere, upgrade for years, preserve compatibility, add AI-era features, and patch quickly against active threats. Complexity is not an excuse, but it is the terrain.
KB5089573 is therefore both repair and reminder. It repairs a specific servicing failure. It reminds everyone else that Windows reliability depends on details most users never see until they break.
The Patch to Install Before the Next Patch Tuesday
KB5089573 is most urgent for users and administrators who saw May’s update fail, but it also offers a broader maintenance checkpoint before the next security cycle. Treat it less as a flashy feature drop and more as a stabilizing release with some visible extras attached.- Systems that failed the May 2026 security update with 0x800f0922 should be prioritized for KB5089573 testing and deployment.
- Devices with very low free space on the EFI System Partition were the key risk group behind the documented installation failure.
- The update is optional today, but its changes are expected to flow into the next security update channel.
- The bundled servicing stack update improves the update pipeline but changes how rollback works.
- Copilot+ PCs receive updated AI components, while unsupported systems do not install those AI pieces.
- Administrators should validate deployment through their normal rings rather than treating the preview label as either harmless or dangerous by default.
References
- Primary source: cyberpress.org
Published: 2026-06-01T05:09:10.840456
Loading…
cyberpress.org - Official source: support.microsoft.com
- Related coverage: windowslatest.com
Windows 11 KB5089573 just made PCs more responsive, direct download links (.msu)
Windows 11 KB5089573 is a major update that bumps the OS to Build 26200.8524 and adds multiple new features.
www.windowslatest.com
- Related coverage: pccentral.net
Windows 11 KB5089573 Update Adds Shared Audio and Performance Boosts
Microsoft releases non-security update KB5089573 with shared audio support, NPU tracking, multi-app camera, and performance improvements for Windows 11 versions 24H2 and 25H2.
pccentral.net
- Related coverage: windowsreport.com
Loading…
windowsreport.com - Related coverage: ninjaone.com
KB5089573 - Details, Issues, & Feedback - NinjaOne
Community reception of KB5089573 demonstrates cautious optimism tempered by historical skepticism regarding Windows update reliability. Users acknowledge t
www.ninjaone.com
