Microsoft has finally addressed a critical installation failure affecting the Windows 11 May 2026 security update, KB5089549, with a hotfix released on May 26, 2026. The update, which began rolling out on May 12, 2026, triggered rollbacks on systems running Windows 11 versions 24H2 and 25H2 with very little free space left on their EFI System Partition (ESP). KB5089573 now resolves the space management flaw, allowing the security patch to install successfully on constrained drives.
The Rollback That Frustrated Users
The May 2026 Patch Tuesday delivery included KB5089549, a cumulative security update addressing critical vulnerabilities in the Windows kernel, Secure Boot, and the NTFS driver. However, within hours of its release, reports flooded Microsoft’s Feedback Hub and Reddit threads. Users described a repeatable loop: the update would download, begin installation, fail at around 30%, and then roll back. Some saw error 0x800f0922; others encountered the generic “We couldn’t complete the updates / Undoing changes” message.
Affected devices ranged from budget laptops with 64GB eMMC storage to high-end workstations that had been partitioned years ago with a minimal ESP. One recurring theme was that the system reserved partition—typically 100MB to 500MB—had less than 30MB of free space. On these machines, the update’s staging operation exhausted available room, triggering an automatic rollback. The issue was not limited to a specific OEM; clean-installed Windows 11 systems, upgraded devices from Windows 10, and even fresh Windows 11 25H2 Insider builds exhibited the fault.
Why ESP Space Became a Showstopper
The EFI System Partition is a small, FAT32-formatted volume that stores the Windows Boot Manager, boot configuration data, and critical recovery tools. Historically, Microsoft has designed cumulative updates to stage temporary files on the primary system drive (C:), not on the ESP. But the May 2026 security update introduced a new Secure Boot mitigation that required updating boot-related components directly on the ESP. The servicing stack needed to create a backup of the existing boot files, apply the new ones, and then clean up—all within a single transaction.
On systems where the ESP was nearly full, this three-step process hit a wall. The staging operation attempted to reserve double the size of the new boot components, plus overhead, pushing the required free space well above 50MB in some cases. When the servicing stack detected an inability to complete the backup, it triggered an immediate rollback to prevent the system from becoming unbootable. The logic was sound from a safety perspective, but the failure left users stuck on the previous month’s update with no clear resolution path.
The problem was compounded by the fact that Windows does not provide a simple built-in tool to expand the ESP. Many users resorted to third-party partition managers, risking boot corruption. Microsoft’s own Disk Management console cannot modify the ESP once the system is running, and the Windows Recovery Environment (WinRE) provides only limited command-line options via diskpart. The result was a growing pool of unpatched devices, precisely when the security patches were most critical.
Microsoft’s Swift Response
On May 19, just a week after the initial rollout, Microsoft acknowledged the issue in a support document (KB5089641) and paused the update’s availability for potentially affected configurations. An automatic detection mechanism was deployed to Windows Update servers, preventing the update from being offered to machines with ESP free space below a threshold. The official workaround at that point was to manually increase the ESP size or free up space by removing unnecessary boot entries.
The root cause analysis, cited in the KB5089573 release notes, identified that the servicing stack was not correctly accounting for the ESP’s available capacity when planning the transaction. A fix was developed and validated through the Windows Insider Release Preview channel over the following weekend. On May 26, 2026, Microsoft published KB5089573, which revised the servicing stack’s disk-space calculation algorithm and added a pre-installation check that would automatically attempt to reclaim space from unused language resources in the EFI folder before proceeding.
KB5089573 is not a cumulative update in the traditional sense; it is a servicing stack update (SSU) that must be installed before or alongside the next cumulative update. For systems that had the stalled KB5089549, the hotfix is automatically downloaded and applied via Windows Update when the May 2026 security update is re-offered. The installation requires a restart and a subsequent “update and restart” cycle to complete both the SSU and the cumulative package.
How to Apply the Fix
For most users, the resolution is fully automatic. Windows Update will detect the need for KB5089573 when KB5089549 becomes available again on your device. No manual intervention is required. However, system administrators managing fleet deployments or users with metered connections should verify the installation.
To manually trigger the fix:
- Open Settings > Windows Update and select “Check for updates.”
- If KB5089573 is listed as a separate update, allow it to install first, then restart.
- After the restart, check for updates again; KB5089549 should now appear and install successfully.
- If the security update still fails, run the Windows Update Troubleshooter from Settings > System > Troubleshoot > Other troubleshooters to clear any cached installers.
Enterprise environments using Windows Server Update Services (WSUS) or Microsoft Endpoint Configuration Manager must import KB5089573 explicitly. The update is classified as “Critical” and can be found by searching the Microsoft Update Catalog for “KB5089573” or “2026-05 Servicing stack update for Windows 11 version 24H2 and 25H2”. After deployment, the May security update will become applicable.
Microsoft strongly advises against manually resizing the ESP unless you are an advanced user with a full system backup. If you must increase the partition size, use a bootable USB with a partition tool such as GParted. Shrink the C: drive by at least 500MB, then expand the ESP to a minimum of 600MB. This will provide ample headroom for future boot-component updates. However, with KB5089573 installed, the space-reclamation logic should eliminate the need for such low-level tinkering.
Known Caveats and Remaining Vulnerabilities
While KB5089573 resolves the primary installation failure, a small subset of users may still encounter a different error: 0x80070643 if the Windows Recovery Environment (WinRE) partition is also critically low on space. The May 2026 update includes a WinRE enhancement that patches a Secure Boot bypass; on systems where WinRE resides on the same physical recovery partition and has less than 250MB free, the update could still roll back. Microsoft’s KB5089641 knowledge base article provides a remedy: re-deploy the WinRE update package manually from the Microsoft Update Catalog after temporarily enlarging the recovery partition.
Another nuance affects dual-boot configurations where non-Microsoft bootloaders have written custom entries to the ESP. KB5089573’s automatic cleanup targets only language-specific resource directories (e.g., \EFI\Microsoft\Boot\Resources\en-US) that are safe to remove. It will not delete third-party folders. If a third-party bootloader has consumed the majority of the ESP, you may still need to manually move or archive those files before the security update can proceed.
Security-conscious users should note that the May 2026 update patches four zero-day vulnerabilities, one of which (CVE-2026-21937) has been actively exploited in the wild. Staying on the April 2026 patch level is therefore highly risky. The good news: with KB5089573 pre-installed, the security update installs cleanly on more than 99% of previously affected configurations, according to Microsoft’s telemetry.
Lessons for the Future of Windows Servicing
The ESP space bug is not the first time a cumulative update has stumbled over partition sizing, but it is a stark reminder of how the increasing complexity of boot-security mitigations can expose fragility in long-assumed defaults. The standard 100MB ESP, established in the Windows 8/10 era, is proving tight for modern requirements that include WinRE, Secure Boot variables, multiple language folders, and now runtime integrity checks that may store additional state on the ESP.
Microsoft engineers are reportedly evaluating a dynamic ESP-resize feature for future releases, perhaps leveraging the Windows Update engine to non-destructively expand the ESP when disk layout permits. Until then, KB5089573’s on-the-fly cleanup offers a pragmatic, if temporary, bridge. It also introduces a new diagnostics API that third-party partition tools could use to assess update readiness.
IT professionals should audit their organization’s standard OS deployment images. If the ESP is carved to the legacy minimum, consider adopting a 500MB to 1GB ESP for all new installations. This aligns with the growing guidance from both Microsoft and PC manufacturers, who have already started shipping devices with larger boot partitions.
Closing Thoughts
The May 2026 ESP saga demonstrates the delicate balance between innovation and compatibility in Windows servicing. A security update designed to protect millions of devices inadvertently locked them out of protection for two weeks. Microsoft’s rapid acknowledgment and targeted fix, culminating in KB5089573, restored confidence. The episode also highlights the importance of proactive disk-health monitoring: tools like Storage Sense and Disk Cleanup should become part of any monthly update ritual.
Users who previously struggled with the May 2026 update can breathe easier. Install KB5089573, re-attempt the security patch, and let the new servicing logic handle the rest. The fix is available now via Windows Update for all supported versions of Windows 11, and it will be rolled into the June 2026 cumulative update baseline, ensuring that no future update repeats this particular stumbling block.