Microsoft Fixes Windows Server 2016 Update Failures After June 2026 Patch Rollout Issues
What Happened — Microsoft confirmed that the June 2026 security update (KB5094122) could fail on Windows Server 2016 systems that had not previously installed the May 2026 update (KB5087537). The failure manifested as error 0x80070002 (FILE_NOT_FOUND) and was traced to missing prerequisite files and insufficient free space on the EFI System Partition. Microsoft has now released a fix that resolves the installation errors.
Why It Matters for Compliance & Audit Readiness
- Patch‑management is a core SOC 2 control (CC6.1 – Security of the system); missed updates create a compliance gap that auditors will flag.
- Continuous evidence of successful update deployments is required to demonstrate due‑diligence and to support a defensible audit trail.
- Verisq’s Control Mapping capability can automatically map patch‑management activities to SOC 2 criteria and collect immutable proof of remediation.
Who Is Affected — Enterprises running Windows Server 2016 across cloud‑infrastructure, SaaS providers, and on‑prem data‑centers; broadly impacts the TECH_SAAS and CLOUD_INFRA sectors.
Recommended Actions
- Verify that all Windows Server 2016 hosts have installed KB5087537 before applying KB5094122.
- Audit EFI System Partition free‑space and expand it where needed to meet Microsoft’s requirements.
- Deploy automated patch‑compliance tooling that logs success/failure and retains logs for SOC 2 evidence.
- Capture remediation steps in a centralized control‑mapping repository to streamline future audits.
Source: BleepingComputer
Technical Notes — The failure was triggered by a missing prerequisite update and insufficient ESP space, leading to error 0x80070002. No CVE is associated; the issue is a misconfiguration of the update chain rather than a vulnerability. Source: same as above