MC1250975: Out-of-band update released for Windows Enterprise client devices running hotpatch updates

Microsoft has identified a security issue in the Windows Routing and Remote Access Service (RRAS) management tool that could allow remote code execution when connecting to a malicious server. This issue only applies to a limited set of scenarios involving Enterprise client devices running hotpatch updates and being used for remote server management.An out-of-band (OOB) hotpatch update (KB5084597) was released today, March 13, 2026, to address this issue. This cumulative update includes all protections and improvements from the March 2026 Windows security update released March 10, 2026. No action is required if:

• Your devices receive standard Windows updates.
• If you are not using the RRAS management tool on Windows devices running versions 25H2 or 24H2.

This OOB hotpatch update is available for Windows 11, versions 25H2 and 24H2 devices enrolled in hotpatch updates and managed by Windows Autopatch. This update will install automatically through Windows Update and take effect without requiring you to restart your device. Learn more about Hotpatch updates.For more information, refer to the KB article March 13, 2026—Hotpatch KB5084597 (OS Builds 26200.7979 and 26100.7979) Out-of-band.