KB5084597 — March 2026 Out-of-Band Hotpatch Security Update

Overview

KB5084597 is a critical out-of-band hotpatch security update released on March 13, 2026, addressing multiple high-severity vulnerabilities in Windows 11 systems. This update targets Windows 11 Version 24H2 and 25H2 on both x64 and ARM64 architectures, updating affected systems to builds 26100.7982 and 26200.7982 respectively.

As an out-of-band release, this update was issued outside the regular monthly update cycle due to the critical nature of the vulnerabilities addressed. The hotpatch technology allows the update to be applied without requiring a system restart in most scenarios.

Security Vulnerabilities Addressed

This security update resolves multiple critical vulnerabilities that pose significant risks to Windows 11 systems:

Kernel Privilege Escalation

The update addresses several privilege escalation vulnerabilities in the Windows kernel that could allow local attackers to gain SYSTEM-level access. These vulnerabilities stem from insufficient input validation in kernel-mode components and improper handling of system calls.

Remote Code Execution

Critical remote code execution flaws in the Windows networking stack are resolved, preventing attackers from exploiting specially crafted network packets to execute arbitrary code on target systems. The vulnerabilities affected TCP/IP processing and Windows Sockets API implementations.

Authentication Bypass

Security bypass issues in Windows authentication mechanisms are corrected, preventing attackers from circumventing access controls and authentication requirements. These fixes strengthen credential validation and token handling processes.

Memory Corruption

Multiple memory corruption vulnerabilities in system drivers are addressed, including use-after-free conditions and buffer overflows that could lead to system crashes or code execution with kernel privileges.

Affected Systems

This update applies to the following Windows 11 versions and architectures:

Installation and Deployment

The update is delivered through multiple channels to accommodate different deployment scenarios:

Automatic Delivery

Windows Update automatically delivers this high-priority security update to eligible systems. The update is classified as Important and is installed automatically on systems with automatic updates enabled.

Manual Installation

Users can manually install the update by:

1. Opening Settings
2. Navigating to Windows Update
3. Selecting "Check for updates"
4. Installing KB5084597 when it appears

Enterprise Deployment

Enterprise environments can deploy this update through:

• Windows Server Update Services (WSUS)
• Microsoft System Center Configuration Manager (SCCM)
• Microsoft Intune
• Manual download from Microsoft Update Catalog

Verification

To verify successful installation of KB5084597, administrators can use the following methods:

PowerShell Command

Get-HotFix -Id KB5084597

System Information

Check the OS build number in Settings > System > About. The build should show 26100.7982 for Windows 11 24H2 or 26200.7982 for Windows 11 25H2.

Windows Update History

Navigate to Settings > Windows Update > Update history to view installation status and date.

Post-Installation Considerations

After installing KB5084597, administrators should:

• Verify system stability and application functionality
• Update security software definitions to prevent false positives
• Test critical business applications
• Monitor system logs for any unusual activity

The hotpatch technology used in this update minimizes disruption by applying changes without requiring a restart. However, some system components may require a restart to fully activate all security improvements.