Download Windows 10 KB5071546 ESU Update: Offline Installer (.msu) Links Available

Key Insights on Windows 10 KB5071546 Update

The Windows 10 update KB5071546 has now rolled out, and it comes following my participation in the Extended Security Update (ESU) program. While this December 2025 patch does not introduce new features, it is critical to download due to the essential security enhancements it provides. Microsoft has also released offline installer links for direct download of KB5071546, ensuring ease of access for users.

What You Need to Know About Update KB5071546

This mandatory update is officially titled “2025-12 Cumulative Update for Windows 10 Version 22H2 for x64-based Systems (KB5071546), ” and it is exclusively available for those who have enrolled in the Extended Security Update program. Users can expect their systems to be upgraded to Windows 10 Build 19045.6691 / 19044.6691.

According to testing by Windows Latest, the installation process takes around five minutes from start to completion, making it a relatively quick update.

I reached out to Microsoft for additional details on this update, but beyond acknowledging the presence of security fixes, no further information was provided. The release notes, although available, lack specifics. However, I researched and gathered some key findings myself.

Key Security Fixes in December’s Update

The December 2025 patch addresses approximately 57 security vulnerabilities, a slight decrease of 5% compared to the previous month’s update. Significantly, the update tackles two zero-day vulnerabilities, with at least one currently being exploited in the wild. This underscores the importance of promptly applying this update for Windows 10 users.

Highlighted vulnerabilities fixed in Windows 10 KB5071546 include:

Two vulnerabilities within the “Spoofing”category.
Three Denial of Service vulnerabilities, which can affect normal system operations.
28 privilege elevation vulnerabilities.
19 issues capable of remote execution or exploitation.

Important Changes to PowerShell

Additionally, the December update introduces a noteworthy modification to how PowerShell operates. Microsoft discovered a vulnerability that allowed malicious actors to exploit PowerShell scripts if embedded within webpages. When these scripts are executed via the `Invoke-WebRequest` command, it triggers HTTPS requests and parses the website response.

However, attackers could have previously misused specific command elements in Windows PowerShell, leading to local code execution. After installing KB5071546, if you attempt to use the `Invoke-WebRequest` command, you will see the following caution:

“Invoke-WebRequest parses the content of the web page. Script code in the web page might be run when the page is parsed. RECOMMENDED ACTION: Use the -UseBasicParsing switch to avoid script code execution.”

This warning is visible but not mandatory to follow; users can continue executing commands if they choose. This is the primary noticeable alteration post-update, with a similar security enhancement also included in Windows 11 via update KB5072033.

How to Download Windows 10 KB5071546

For those seeking to download KB5071546, here are the direct download links for 64-bit and ARM-64 versions. The Update Catalog remains a viable option for acquiring offline installers for Windows 10 ESU; however, it is recommended that users initially enroll in ESU through Windows Update for optimal compatibility.

With the extended security features available, there is little reason to delay enrolling in ESU. Users of Windows 10 should take advantage of the one-year free upgrade available.

Pop-up window showing why users should Enroll in Windows 10 ESU

To enroll, simply access Windows Update, where you’ll find an “Enroll now” button. Following this prompts the enrollment wizard, which guides you through the registration process as long as you are signed in with a Microsoft account.