This Windows update installs itself: Here’s why you can’t ignore it

Microsoft has released the KB5051974 cumulative update for Windows 10 22H2 and Windows 10 21H2, which automatically installs the new Outlook for Windows app and addresses a memory leak bug.

The KB5051974 update is mandatory as it contains Microsoft’s January 2025 Patch Tuesday security updates. Windows users can install this update by navigating to Settings, selecting Windows Update, and performing a ‘Check for Updates.’ This mandatory update will automatically start installing once users check for updates, but they can schedule a time for the computer restart to complete the installation.

After installation, Windows 10 22H2 will update to build 19045.5487, and Windows 10 21H2 will update to build 19044.5487. Users can also manually download and install the KB5051974 update from the Microsoft Update Catalog.

The KB5051974 update includes eleven fixes or changes addressing various bugs in Windows 10, with some key updates listed below:

• [Mail] New: The update includes the new Outlook for Windows app, featuring a new app icon in the Apps section on the Start menu, placed near classic Outlook. Settings or defaults remain unchanged.
• [Screen capture] Fixed: An issue where the Capture Service and Snipping Tool would stop responding when the Windows logo key+Shift+S is pressed multiple times while Narrator is active.
• [Chinese Pinyin IME] Adjustment: Bing will cease offering automatic suggestions in search boxes for sites like Baidu. Manual suggestions can now be obtained using Ctrl+Tab or the chevron button (>).
• [Digital/Analog Converter (DAC)] Fixed: Issues affecting USB audio devices when using a USB 1.0-based DAC driver.
• [USB audio device drivers] Fixed: The “code 10” error message that appears when connecting to certain external audio management devices.
• [USB cameras] Fixed: Devices not recognizing that the camera is on, an issue occurring after the installation of the January 2025 security update.
• [Virtual memory] Fixed: Resolved an issue that depleted virtual memory, potentially causing app failures.

Microsoft acknowledged three known issues resulting from previous updates. After installing the update, OpenSSH connections may fail as the SSHD service does not start automatically. Users can fix this by manually starting the SSHD service.

Moreover, the January 2025 updates may not succeed if Citrix Session Recording Agent (SRA) version 2411 is installed. Microsoft recommends stopping the Session Recording Monitoring service, installing the security update, and then re-enabling the service.

Additionally, the Windows Event Viewer may improperly display an Event 7023 error regarding SgrmBroker.exe, stating that “The System Guard Runtime Monitor Broker service terminated with the following error: %%3489660935.” Microsoft noted that this error does not impact device functionality and will be addressed in future updates.

Windows 11 just got a big fix but you have to manually update

A complete list of fixes can be found in the KB5051974 support bulletin. Microsoft’s security response team addressed at least 55 documented defects in Windows and related applications while highlighting serious vulnerabilities requiring immediate attention.

These include the Windows Storage Elevation of Privilege bug (CVE-2025-21391), which allows attackers to delete targeted files, and a critical flaw in the Windows Ancillary Function Driver for WinSock (CVE-2025-21418) that grants SYSTEM privileges to attackers.

Additionally, a remote code execution vulnerability in Windows Lightweight Directory Access Protocol (LDAP) (CVE-2025-21376) could allow unauthenticated attackers to exploit affected systems. Security experts characterize this vulnerability as “wormable.” Users are advised to apply fixes for remote code execution issues in Microsoft Excel, notably the vulnerability identified as CVE-2025-21387.

Microsoft’s updates included 57 new CVEs across various components. Among these, three were rated Critical, 53 Important, and one Moderate in severity. Notably, two vulnerabilities were identified as publicly known and two as actively exploited at the time of release.

Featured image credit: Clint Patterson/Unsplash