KB5074204: Security Update for Windows PowerShell (OS Builds 26100.7392 and 26200.7392)
A security update for Windows PowerShell targeting hotpatch-enrolled devices running Windows 11 24H2 and 25H2, released December 9, 2025.

Summary
KB5074204 is a security update for Windows PowerShell, covering OS Builds 26100.7392 and 26200.7392, released on December 9, 2025. It applies to Windows 11 Enterprise LTSC 2024, version 24H2, and version 25H2. This update is exclusive to devices enrolled in the hotpatch program. See Microsoft Support for the official page.
Improvements and fixes
- PowerShell 5.1 - Invoke-WebRequest security prompt: The
Invoke-WebRequestcommand now presents users with a confirmation prompt that includes a security warning about script execution risk when downloading web content. Users can choose to proceed with or cancel the request. This change addresses CVE-2025-54100 and is detailed further in KB5074596: PowerShell 5.1: Preventing script execution from web content.
Known issues
Microsoft lists no known issues for this update at the time of writing.
How to get this update
This update is available exclusively to devices enrolled in the hotpatch program. It can be obtained through the following channels:
- Windows Update and Microsoft Update: The update downloads and installs automatically.
- Windows Update Catalog: Available for manual download and deployment.
- Server Update Services (WSUS): Available; refer to the Windows Update Catalog option for guidance.
Important: Your device may require a restart if a PowerShell session is active at the time the update is applied, even though hotpatch updates are generally designed to install without a restart. For full details on hotpatch updates and program enrollment, see the Hotpatch updates documentation.
Frequently asked questions
Does this update apply to all Windows 11 devices?
No. KB5074204 applies only to devices enrolled in the hotpatch program. The supported editions are Windows 11 Enterprise LTSC 2024, Windows 11 Enterprise and Education version 24H2, and Windows 11 Enterprise and Education version 25H2. Devices outside the hotpatch program will not receive this specific update package.
Will this update restart my device?
Hotpatch updates are designed to avoid mandatory restarts, but Microsoft notes that a restart may still be required if an active PowerShell session is running at the time of installation, independent of the hotpatch mechanism. Plan maintenance windows accordingly if PowerShell activity is expected on target systems.
What security vulnerability does this update address?
The update addresses CVE-2025-54100, a script execution risk associated with the PowerShell 5.1 Invoke-WebRequest command. The fix adds a confirmation prompt with a security warning so users can review and either approve or cancel a request before potentially unsafe web content is executed. Additional detail is in KB5074596.
Which architectures are covered by the updated files?
Microsoft ships updated files for both x64-based and ARM64-based versions of Windows. The primary files updated are Microsoft.PowerShell.Commands.Utility.dll and associated Microsoft.PowerShell.Commands.Utility.Resources.dll localization assemblies, all at file version 10.0.26100.7456, dated December 5, 2025.
![Find Exchange Server Version with PowerShell [2025]](/_next/image?url=https%3A%2F%2Fwww.navanem.com%2Fapi%2Fmedia%2Ffile%2Fexchange-build-number-cover.jpg&w=3840&q=75)








