Windows 11 Enterprise LTSC Gets July Security Update with New Features and Fixes

Microsoft has released its July 2025 security update for Windows 11 Enterprise LTSC 2024, identified by the knowledge base article KB5062553. This update, part of the regular Patch Tuesday cycle, not only addresses numerous security vulnerabilities but also introduces a range of non-security improvements and bug fixes. For IT administrators managing enterprise environments, this release also marks the establishment of a new security update baseline, which works in conjunction with Microsoft's hotpatching technology to streamline the update process and minimize user disruption.

The July 8, 2025, release serves as a mandatory security update, meaning it will be automatically downloaded and installed on systems configured for Windows Update. For those managing updates manually, it is available through the Microsoft Update Catalog. Upon installation, the build number for Windows 11 version 24H2 will be updated to 26100.4652.

Understanding the Security Update Baseline and Hotpatching

A key aspect of this release for Windows 11 Enterprise LTSC is the concept of a "security update baseline." This baseline is a full, cumulative update that requires a system restart. It establishes a new foundation for the subsequent months' updates.

Following a baseline release, Microsoft utilizes a technology called "hotpatching" for the next two months. Hotpatching allows for the installation of security updates without requiring a system reboot. This is achieved by patching the in-memory code of running processes. This approach significantly reduces downtime and interruptions for users, a critical factor in enterprise environments. The cycle then repeats, with a new baseline update requiring a restart released quarterly.

Key Security Fixes in the July 2025 Update

This month's update addresses 77 security vulnerabilities, with five of them classified as "critical," the highest severity rating. These critical vulnerabilities include potential remote code execution flaws. While none of the vulnerabilities were reported as being actively exploited, prompt installation is recommended to protect systems.

New Features and Enhancements

Beyond the security patches, KB5062553 incorporates several new features and improvements, many of which were previewed in the previous month's optional update.

A notable addition is the initial rollout of a new PC-to-PC migration experience. This feature, integrated with the Windows Backup app, will eventually allow for the seamless transfer of files and settings to a new computer during the setup process.

For users of Copilot+ PCs, the "Click to Do" feature now includes a Microsoft 365 Copilot button, enabling users to send text or images to the AI assistant.

Other enhancements include:
* Smaller taskbar icons: The taskbar can now automatically resize icons to accommodate more applications when space is limited.
* Accessibility improvements: The Accessibility menu in Quick Settings now includes text descriptions for assistive technologies like Narrator and Voice Access. Narrator also gains a "Screen Curtain" feature that blacks out the screen for privacy while it reads content aloud.
* Windows Share window updates: The share window now provides a visual preview of shared links and web content.
* Enterprise-focused Settings homepage: For devices managed by IT, the Settings homepage will now display cards relevant to enterprise use, such as recommended settings and Bluetooth devices.

Bug Fixes and Quality Improvements

The July 2025 update also resolves a number of bugs and improves the overall quality of the operating system. Some of the key fixes include:

  • Copilot reliability: An issue that could prevent users from restarting Copilot using its dedicated key has been addressed.
  • Storage optimization: A bug that prevented the full removal of unused language packs and Feature on Demand packages, leading to wasted storage and longer update times, has been fixed.
  • Windows Search performance: The update tackles an issue that caused Windows Search to respond slowly.
  • Notification sounds: A problem where notification sounds for on-screen alerts, volume adjustments, and sign-ins would not play has been resolved.
  • Windows Firewall event log: An issue causing "Config Read Failed" events in the Event Viewer for Windows Firewall has been fixed.
  • Graphics issue: A bug from the June 2025 non-security update that could cause game content to go out of sync with the cursor after using ALT+Tab has been corrected.

IT administrators are encouraged to review the official Microsoft release notes for a comprehensive list of all changes and any known issues associated with this update.