Microsoft has acknowledged and is actively investigating a significant installation issue affecting the first Windows 10 Extended Security Update (ESU), designated KB5068781, which was released on November 11th as part of the monthly Patch Tuesday cycle. Reports began surfacing shortly after its release from corporate users encountering a persistent installation failure. Specifically, the update appears to install initially but subsequently fails during the restart process, resulting in a rollback and the display of the common error code 0x800f0922, indicating a failure to apply the security patch on certain licensed devices.
This problem is specifically impacting organizational systems that have been appropriately licensed for the ESU program. Readers and Windows administrators have confirmed purchasing and applying the required ESU licenses, typically via a MAK key, only to find the critical security update is failing across their managed Windows 10 fleet. The recurring nature of the 0x800f0922 error on these systems suggests a systemic conflict rather than an isolated installation glitch, preventing the immediate extension of security support for these machines.
Microsoft has formally confirmed the existence of the issue, providing further clarity on its scope. The company states that the installation failure is isolated to devices that utilize Windows subscription activation through the Microsoft 365 Admin Center. This narrow focus suggests the root cause lies within how the system validates or processes the ESU entitlement specifically through that corporate activation method, leading to the CBS_E_INSTALLERS_FAILED error message referenced by Microsoft in its explanation.
Unfortunately, the technology giant has not yet provided a timeline for when a definitive fix will be released to resolve the 0x800f0922 errors and allow the ESU update to successfully complete. Furthermore, no temporary workarounds have been officially suggested to mitigate the problem in the interim, leaving affected administrators unable to apply the necessary November security updates and potentially leaving licensed devices vulnerable until a patch is issued.
Compounding the installation issues, corporate Windows admins have also observed a second, related deployment problem: some appropriately licensed Windows 10 devices are not even recognizing that they require the new KB5068781 ESU update. These persistent installation and detection challenges highlight the complexity of modern patch management in enterprise environments.
Reference:
