KB5078766 – Windows Server 2022

KB5078766 is the cumulative update for Windows Server 2022 and Windows Server 2022 Server Core installation. It was released on 10 March 2026 under the ‘Patch Tuesday’ release cycle.

KB5078766 is for Windows Server 2022 21H2 and 22H2 editions. For Windows Server 2022 23H2 edition, the applicable cumulative update is KB5078734.

Salient points

• KB5078766 supersedes February 2026 cumulative update KB5075906.
• KB5078766 corresponds to server build 20348.4893.
• KB5078766 also includes changes included in out of band updates KB5082314 released on 2 March 2026.
• 40 security vulnerabilities have been disclosed by Microsoft in Macrh 2026 for Windows Server 2022.
• No Zero-day vulnerabilities affect Windows Server 2022 and Windows Server 2022 Server Core installation.
• No Critical security vulnerability impact Windows Server 2022.
• The Servicing Stack Update corresponding to KB5078766 is KB5078763 with build number corresponding to 20348.4880. Separate installation of the SSU or Servicing Stack is not needed.

Zero-day vulnerability

No zero-day vulnerabilities affect Windows Server 2022. The zero-day vulnerabilities are either publicly disclosed or have proven instances of exploitation.

Critical vulnerabilities

No CRITICAL vulnerability affects Windows Server 2022 in March 2026.

Servicing Stack Update KB5078763

The Serving Stack Update for KB5078766 is KB5078763. The SSU file is included in the main cumulative update. Therefore, separate installation is not needed.

Download KB5078766

You may download the offline installer file for KB5078766 from the catalog site link shared below:

• Download KB5078766 from the Microsoft Update Catalog (499.4 MB)

The cumulative update is available for x64 deployments for Windows Server 2022 versions 21H2 and 22H2. Upon installation of KB5078766, the server would restart.

Changelog – KB5078766

The following changes or improvements are part of KB5078766 for Windows Server 2022 21H2 and 22H2 editions:

• This security update addresses security vulnerabilties on Windows Server 2022.
• [Secure Boot] With this update, Windows quality updates include additional high confidence device targeting data, increasing coverage of devices eligible to automatically receive new Secure Boot certificates. This targeting is based primarily on client device diagnostic data; due to limited data, servers are unlikely to qualify, though not explicitly excluded. Devices receive new certificates only after demonstrating sufficient successful update signals, maintaining a controlled and phased rollout.
• [Windows System Image Manager​​​​​​​] Improved: This update improves the reliability of choosing trusted catalog files. It adds a warning dialog that helps you confirm that the file you select comes from a trusted source.

Important Reminder – Secure Boot Services

It is important to note that the Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Secure Boot is a security feature in Unified Extensible Firmware Interface​​​​​​​ (UEFI) based firmware that helps ensure that only trusted software runs during a device’s boot (start) sequence.

Since Windows introduced Secure Boot support, all Windows-based devices have carried the same set of Microsoft certificates in the KEK and DB. These original certificates are nearing their expiration date, and your device is affected if it has any of the listed certificate versions. To continue running Windows and receiving regular updates for your Secure Boot configuration, you will need to update these certificates.