HomeIntelligenceBrief
BREACH BRIEF🟡 Medium ThreatIntel

Microsoft Resolves Windows 11 Update Failure Caused by EFI Partition Space Shortage (KB5089549)

A Windows 11 security update (KB5089549) was failing on devices with ≤10 MB free space on the EFI System Partition, triggering rollback errors. Microsoft released a cumulative update (KB5089573) that fixes the problem, and recommends immediate deployment to avoid patch‑delay risks.

LiveThreat™ Intelligence · 📅 June 01, 2026· 📰 bleepingcomputer.com
🟡
Severity
Medium
TI
Type
ThreatIntel
🎯
Confidence
High
🏢
Affected
2 sector(s)
Actions
4 recommended
📰
Source
bleepingcomputer.com

Microsoft Fixes Windows 11 Update Failure Affecting Devices with Limited EFI Partition Space (KB5089549)

What Happened – Microsoft identified that the May 2026 Windows 11 security update (KB5089549) could fail with error 0x800f0922 on devices whose EFI System Partition (ESP) had ≤10 MB free space. The update would roll back during the reboot phase, leaving the system in a “Something didn’t go as planned” state. Microsoft released a preview cumulative update (KB5089573) on May 26 2026 that resolves the issue and made the fix available in the June Patch Tuesday roll‑out.

Why It Matters for TPRM

  • Update‑failure can halt security‑patch deployment, extending exposure windows for known vulnerabilities.
  • Enterprise‑wide rollout delays may impact compliance calendars and service‑level agreements.
  • The root cause is a configuration limitation (ESP size) that many third‑party device‑management tools must account for.

Who Is Affected – Enterprises and managed service providers that deploy Windows 11 (versions 24H2, 25H2) across any industry; particularly environments with automated patching or thin‑client devices with constrained EFI partitions.

Recommended Actions

  • Verify ESP free space ≥10 MB on all Windows 11 endpoints before applying May 2026 updates.
  • Deploy the KB5089573 preview cumulative update (or later June Patch Tuesday) to remediate the issue.
  • If immediate remediation is not possible, enable the “Known Issue Rollback” Group Policy as a temporary mitigation.
  • Update internal patch‑management playbooks to include ESP‑size checks for future releases.

Technical Notes – The failure stems from insufficient free space on the EFI System Partition, causing the update engine to abort during the reboot stage (≈35‑36 % progress). No CVE is associated; the problem is a misconfiguration rather than a vulnerability. Log entries such as “SpaceCheck” and “ServicingBootFiles failed” indicate the condition. Source: BleepingComputer

📰 Original Source
https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-kb5089549-windows-security-update-install-issues/

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.

From the Verisq platform · Trust Operations

Misconfigurations are control gaps in disguise.

Verisq AI Trust Operations turns findings like this into mapped controls with continuous evidence, keeping your audit readiness current instead of point-in-time.

Map your controls with Verisq AI Trust Operations →