New Windows 10 Update KB5063709 Fixes Critical ESU Enrollment Error
System administrators managing certain versions of Windows 10 should be aware of a new, essential out-of-band update. This update, identified as KB5063709, has been released to address a significant issue preventing the activation of Extended Security Updates (ESU) licenses.
If your organization relies on the ESU program to keep your Windows 10 machines secure past their end-of-life date, this update is critical for maintaining your security posture.
The Problem: A Frustrating Activation Failure
The issue originated with the April 2024 security update for Windows 10. Following its installation, many administrators discovered they could no longer successfully enroll their devices in the ESU program. The activation process would fail, generating a specific and disruptive error code: 0xc004f050.
This error effectively blocked businesses from activating the paid security updates they depend on, creating a potential gap in security coverage as the standard support window for Windows 10 narrows.
Who Is Affected by This Issue?
It is important to note that this problem does not affect all Windows 10 users. The activation failure is specific to systems running the following Long-Term Servicing Channel (LTSC) editions:
- Windows 10 Enterprise LTSC 2021
- Windows 10 IoT Enterprise LTSC 2021
Standard consumer versions of Windows 10, such as Home and Pro, are not impacted by this particular ESU enrollment bug. The fix is exclusively targeted at enterprise environments that use these LTSC versions and plan to leverage the ESU program.
The Solution: What KB5063709 Does
The KB5063709 update is an out-of-band release, meaning it was issued outside of the regular “Patch Tuesday” schedule to fix this specific, high-priority problem. Its sole purpose is to resolve the underlying cause of the 0xc004f050 activation error.
By installing this patch, administrators will restore the ability to properly activate their ESU licenses, ensuring their LTSC devices are eligible to receive crucial security updates beyond the official end-of-support date.
Actionable Steps: How to Get and Install the Update
This is not an automatic update. Due to its targeted nature, KB5063709 will not be delivered through the standard Windows Update service. System administrators must manually download and install it.
Here are the essential steps to resolve the issue:
- Go to the Microsoft Update Catalog: This is the official repository for manual update downloads.
- Search for KB5063709: Use the search bar to find the specific update package.
- Download the Correct Version: Ensure you select the package that corresponds to your system’s architecture (e.g., x64).
- Install Manually: Deploy and install the downloaded package on all affected LTSC 2021 machines.
Security Tip: Proactively applying this fix is crucial. Without it, your organization’s devices may be left unprotected from new vulnerabilities discovered after the mainstream support for Windows 10 ends. The Extended Security Updates program is a vital tool for managing the lifecycle of enterprise devices, and this update ensures it functions as intended.
In summary, if you manage Windows 10 Enterprise or IoT Enterprise LTSC 2021 systems and have encountered activation errors, installing KB5063709 should be your immediate priority.
Source: https://www.bleepingcomputer.com/news/microsoft/windows-10-kb5063709-update-fixes-extended-security-updates-enrollment/
